urlscan.io logo urlscan.io
SecurityTrails logo

www.krem.com Open in urlscan Pro
23.66.203.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.krem.com/
Effective URL: https://www.krem.com/
Submission: On September 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 138 IPs in 14 countries across 139 domains to perform 1171 HTTP transactions. The main IP is 23.66.203.93, located in Edison, United States and belongs to AKAMAI-AS, US. The main domain is www.krem.com. The Cisco Umbrella rank of the primary domain is 303831.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 18th 2021. Valid for: a year.
This is the only time www.krem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 57 23.66.203.93 16625 (AKAMAI-AS)
8 2606:4700::68... 13335 (CLOUDFLAR...)
19 2607:f8b0:400... 15169 (GOOGLE)
30 23.66.228.147 16625 (AKAMAI-AS)
9 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
2 20.62.59.39 8075 (MICROSOFT...)
2 23.208.216.220 16625 (AKAMAI-AS)
4 104.117.182.178 20940 (AKAMAI-ASN1)
17 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.214.104 16509 (AMAZON-02)
1 40 151.101.193.44 54113 (FASTLY)
16 54.230.160.93 16509 (AMAZON-02)
12 23.200.168.205 16625 (AKAMAI-AS)
20 2607:f8b0:400... 15169 (GOOGLE)
1 13.226.39.98 16509 (AMAZON-02)
2 6 108.139.47.108 16509 (AMAZON-02)
7 23.55.166.107 20940 (AKAMAI-ASN1)
37 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.119.113 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 4 35.156.34.146 16509 (AMAZON-02)
37 168 142.251.40.162 15169 (GOOGLE)
10 11 169.60.66.35 36351 (SOFTLAYER)
1 141.95.98.70 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.52 16509 (AMAZON-02)
13 18.158.221.162 16509 (AMAZON-02)
10 104.36.115.111 62713 (AS-PUBMATIC)
11 33 104.18.19.126 13335 (CLOUDFLAR...)
10 74.119.119.129 19750 (AS-CRITEO)
10 44.196.67.133 14618 (AMAZON-AES)
10 108.139.29.89 16509 (AMAZON-02)
62 159.89.246.130 14061 (DIGITALOC...)
10 3.221.20.69 14618 (AMAZON-AES)
9 34.206.27.177 14618 (AMAZON-AES)
16 19 141.95.33.111 16276 (OVH)
2 12 141.226.224.48 200478 (TABOOLA-AS)
10 32 52.223.22.214 16509 (AMAZON-02)
8 52.85.61.99 16509 (AMAZON-02)
3 104.17.119.107 13335 (CLOUDFLAR...)
3 23.200.168.248 16625 (AKAMAI-AS)
3 2600:9000:216... 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
3 14 34.201.85.55 14618 (AMAZON-AES)
6 6 3.230.10.142 14618 (AMAZON-AES)
1 7 104.36.115.109 62713 (AS-PUBMATIC)
3 3 132.226.41.106 31898 (ORACLE-BM...)
18 18 35.211.178.172 15169 (GOOGLE)
1 1 23.235.251.213 19437 (SS-ASH)
3 3 135.148.35.200 16276 (OVH)
17 19 52.45.33.138 14618 (AMAZON-AES)
2 2 2600:9000:220... 16509 (AMAZON-02)
1 1 67.202.105.23 32748 (STEADFAST)
1 2 199.187.193.179 47043 (SMARTADSE...)
1 30 209.54.182.161 16509 (AMAZON-02)
18 22 68.67.160.186 29990 (ASN-APPNEX)
10 10 74.121.140.14 30419 (MEDIAMATH...)
24 31 15.197.193.217 16509 (AMAZON-02)
10 16 8.28.7.81 62713 (AS-PUBMATIC)
11 12 69.166.1.10 27630 (AS-XFERNET)
8 9 107.178.246.49 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
52 2607:f8b0:400... 15169 (GOOGLE)
6 7 2620:1ec:21::14 8068 (MICROSOFT...)
2 5 104.18.99.194 13335 (CLOUDFLAR...)
2 2 34.194.119.3 14618 (AMAZON-AES)
6 10 2600:1f18:4e9... 14618 (AMAZON-AES)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
12 12 64.202.112.31 22075 (AS-OUTBRAIN)
7 11 184.50.205.90 16625 (AKAMAI-AS)
5 5 185.167.164.49 198622 (ADFORM)
2 2 18.233.161.105 14618 (AMAZON-AES)
8 46 104.18.18.126 13335 (CLOUDFLAR...)
4 14 23.1.200.83 16625 (AKAMAI-AS)
10 15 34.98.64.218 15169 (GOOGLE)
24 18.164.96.81 16509 (AMAZON-02)
7 7 34.193.80.51 14618 (AMAZON-AES)
17 20 69.173.151.100 26667 (RUBICONPR...)
3 88.214.206.142 46636 (NATCOWEB)
14 14 162.248.18.11 62713 (AS-PUBMATIC)
4 4 34.196.184.213 14618 (AMAZON-AES)
8 24 8.28.7.83 62713 (AS-PUBMATIC)
14 14 2606:ae80:145... 26762 (CNVR-US-EAST)
5 5 104.36.115.114 62713 (AS-PUBMATIC)
9 9 207.198.113.89 13768 (COGECO-PEER1)
6 9 18.235.231.13 14618 (AMAZON-AES)
3 23.208.216.126 16625 (AKAMAI-AS)
3 7 34.214.92.193 16509 (AMAZON-02)
4 7 35.190.60.146 15169 (GOOGLE)
3 50.19.42.95 14618 (AMAZON-AES)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
4 2a02:6ea0:c40... 60068 (CDN77 ^_^)
8 8 145.40.88.5 54825 (PACKET)
3 37.157.6.252 198622 (ADFORM)
13 14 63.251.114.137 32475 (SINGLEHOP...)
10 11 44.209.207.157 14618 (AMAZON-AES)
6 6 199.38.167.129 54312 (ROCKETFUEL)
9 9 35.227.252.103 15169 (GOOGLE)
1 4 8.2.111.121 46636 (NATCOWEB)
4 7 199.187.193.204 47043 (SMARTADSE...)
6 52.85.61.128 16509 (AMAZON-02)
11 104.36.115.121 62713 (AS-PUBMATIC)
4 8 2620:100:a001::c 19750 (AS-CRITEO)
12 12 199.127.204.142 26120 (RHYTHMONE)
1 1 52.52.146.103 16509 (AMAZON-02)
1 1 35.171.5.179 14618 (AMAZON-AES)
3 3 34.96.71.22 15169 (GOOGLE)
2 2 34.195.174.165 14618 (AMAZON-AES)
4 4 54.225.153.167 14618 (AMAZON-AES)
2 6 151.101.66.49 54113 (FASTLY)
2 54.163.73.10 14618 (AMAZON-AES)
2 18.210.205.140 14618 (AMAZON-AES)
2 6 198.148.27.139 19189 (PULSEPOINT)
2 3 169.197.150.8 398989 (DEEPINTENT)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
2 3 2620:112:f002... 6336 (TURN-US-ASN)
4 4 2620:116:800b... 27281 (QUANTCAST)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 2 18.233.196.70 14618 (AMAZON-AES)
7 2607:f8b0:400... 15169 (GOOGLE)
7 74.119.119.139 19750 (AS-CRITEO)
1 23.195.108.24 16625 (AKAMAI-AS)
5 63.251.114.182 32475 (SINGLEHOP...)
1 1 18.211.160.120 14618 (AMAZON-AES)
3 3 68.67.160.137 29990 (ASN-APPNEX)
1 22 54.87.127.173 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 4 70.42.32.255 22075 (AS-OUTBRAIN)
2 2 54.166.55.230 14618 (AMAZON-AES)
7 10 3.225.60.89 14618 (AMAZON-AES)
3 3 35.207.24.140 15169 (GOOGLE)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 1 124.146.215.43 2514 (INFOSPHER...)
61 2607:f8b0:400... 15169 (GOOGLE)
2 52.85.61.121 16509 (AMAZON-02)
1 2 23.205.56.163 16625 (AKAMAI-AS)
6 142.251.35.162 15169 (GOOGLE)
1 2 52.94.222.140 16509 (AMAZON-02)
1 2001:4998:14:... 14777 (YAHOO)
1 34.120.155.137 15169 (GOOGLE)
2 52.36.124.159 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 199.187.193.166 47043 (SMARTADSE...)
2 2 74.119.119.150 19750 (AS-CRITEO)
4 4 54.36.150.183 16276 (OVH)
1 195.244.31.11 63140 (IGUANA-WO...)
1 31.220.27.155 39572 (ADVANCEDH...)
1 82.145.213.8 39832 (NO-OPERA)
1 1 3.219.110.236 14618 (AMAZON-AES)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.96.105.8 15169 (GOOGLE)
2 2 2600:1f18:1c9... 14618 (AMAZON-AES)
1 159.203.145.121 14061 (DIGITALOC...)
1 2a04:4e42:200... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 151.101.1.194 54113 (FASTLY)
14 2404:6800:400... 15169 (GOOGLE)
4 8.28.7.84 62713 (AS-PUBMATIC)
2 2 72.251.229.176 32475 (SINGLEHOP...)
4 4 141.94.171.213 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 143.204.146.27 16509 (AMAZON-02)
1 35.169.70.139 14618 (AMAZON-AES)
1 1 52.5.51.141 14618 (AMAZON-AES)
1 2 4.78.226.233 3356 (LEVEL3)
2 2 54.84.62.20 14618 (AMAZON-AES)
7 8 35.169.131.238 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 23.217.18.198 16625 (AKAMAI-AS)
1 1 139.162.78.222 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 34.102.163.6 15169 (GOOGLE)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 74.222.140.101 35908 (VPLSNET)
1 2 35.171.38.224 14618 (AMAZON-AES)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 151.101.129.44 54113 (FASTLY)
12 2607:f8b0:400... ()
6 172.253.115.155 ()
6 6 2607:f8b0:400... ()
12 2607:f8b0:402... ()
14 14 162.19.80.92 ()
1 2600:1f18:612... ()
3 4 69.12.8.74 ()
1171 138
57    23.66.203.93 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-203-93.deploy.static.akamaitechnologies.com
www.krem.com
8    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
19    2607:f8b0:4006:817::2004 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.google.com
30    23.66.228.147 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-228-147.deploy.static.akamaitechnologies.com
media.krem.com
9    2600:141b:13::17d7:8280 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
amp.akamaized.net
1    2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
10    2607:f8b0:4006:80b::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
www.google.ca
2    20.62.59.39 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tgna-ux-east2.service.signalr.net
2    23.208.216.220 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-220.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
4    104.117.182.178 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-178.deploy.static.akamaitechnologies.com
livevideo.tegnadigital.com
17    2607:f8b0:4006:81e::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.225.214.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-104.ewr50.r.cloudfront.net
native.sharethrough.com
40    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprnjmp.taboola.com
match.taboola.com
vidstatb.taboola.com
16    54.230.160.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-93.ewr53.r.cloudfront.net
c.amazon-adsystem.com
12    23.200.168.205 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-168-205.deploy.static.akamaitechnologies.com
ads.pubmatic.com
20    2607:f8b0:4006:80e::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
adservice.google.ca
1    13.226.39.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-98.ewr53.r.cloudfront.net
cdn.opecloud.com
6    108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net
sb.scorecardresearch.com
7    23.55.166.107 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-166-107.deploy.static.akamaitechnologies.com
livevideo01.krem.com
37    2607:f8b0:4006:817::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2607:f8b0:4006:81e::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    99.84.119.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-119-113.ewr52.r.cloudfront.net
ats.rlcdn.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
4    35.156.34.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-34-146.eu-central-1.compute.amazonaws.com
tagger.opecloud.com
168    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
11    169.60.66.35 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 23.42.3ca9.ip4.static.sl-reverse.com
um.simpli.fi
1    141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.85.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-52.ewr53.r.cloudfront.net
geo.privacymanager.io
13    18.158.221.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
tegna.profiles.tagger.opecloud.com
10    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
33    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
10    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
10    44.196.67.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-67-133.compute-1.amazonaws.com
tlx.3lift.com
10    108.139.29.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-89.jfk50.r.cloudfront.net
hb.undertone.com
62    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
10    3.221.20.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-20-69.compute-1.amazonaws.com
btlr.sharethrough.com
9    34.206.27.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-27-177.compute-1.amazonaws.com
hb.emxdgt.com
19    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
12    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
32    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
8    52.85.61.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-99.ewr53.r.cloudfront.net
sync.serverbid.com
3    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
3    23.200.168.248 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-168-248.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    2600:9000:2162:e00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
14    34.201.85.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-85-55.compute-1.amazonaws.com
match.sharethrough.com
6    3.230.10.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-10-142.compute-1.amazonaws.com
match.prod.bidr.io
7    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
18    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    23.235.251.213 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
3    135.148.35.200 (United States)

ASN16276 (OVH, FR)
PTR: ns1015777.ip-135-148-35.us
c.us1.dyntrk.com
gu.dyntrk.com
19    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    2600:9000:2209:3e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
30    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
22    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
10    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
31    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
16    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
9    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    2607:f8b0:4006:80b::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
6    2607:f8b0:4006:80d::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2607:f8b0:4006:80c::2001 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com
247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
52    2607:f8b0:4006:821::2001 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    34.194.119.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-119-3.compute-1.amazonaws.com
ads.creative-serving.com
10    2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
12    64.202.112.31 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
11    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
5    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    18.233.161.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-161-105.compute-1.amazonaws.com
ads.avct.cloud
46    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
14    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
15    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
24    18.164.96.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-81.jfk50.r.cloudfront.net
usr.undertone.com
7    34.193.80.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-80-51.compute-1.amazonaws.com
pixel.advertising.com
20    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
token.rubiconproject.com
3    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
14    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    34.196.184.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-184-213.compute-1.amazonaws.com
sync.ipredictive.com
24    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
14    2606:ae80:1451:12::1720 (United States)

ASN26762 (CNVR-US-EAST, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
yieldmo-match.dotomi.com
pulsepoint-match.dotomi.com
5    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
9    207.198.113.89 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
9    18.235.231.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-231-13.compute-1.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
3    23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com
cw.addthis.com
7    34.214.92.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-92-193.us-west-2.compute.amazonaws.com
dpm.demdex.net
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
3    50.19.42.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-42-95.compute-1.amazonaws.com
beacon.krxd.net
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
8    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
14    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
11    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
cs.emxdgt.com
e1.emxdgt.com
6    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
9    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
7    199.187.193.204 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
6    52.85.61.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-128.ewr53.r.cloudfront.net
yummy.consumable.com
11    104.36.115.121 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
8    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
12    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    52.52.146.103 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-146-103.us-west-1.compute.amazonaws.com
usync.vrtcal.com
1    35.171.5.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-5-179.compute-1.amazonaws.com
jadserve.postrelease.com
3    34.96.71.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    34.195.174.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-174-165.compute-1.amazonaws.com
sync.extend.tv
4    54.225.153.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-153-167.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
rtd-tm.everesttech.net
2    54.163.73.10 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-73-10.compute-1.amazonaws.com
rtb.gumgum.com
2    18.210.205.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-205-140.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
6    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
4    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
cms.quantserve.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    18.233.196.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-196-70.compute-1.amazonaws.com
um2.eqads.com
7    2607:f8b0:4006:816::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    23.195.108.24 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-108-24.deploy.static.akamaitechnologies.com
contextual.media.net
5    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    18.211.160.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-160-120.compute-1.amazonaws.com
aorta.clickagy.com
3    68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
22    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.166.55.230 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-55-230.compute-1.amazonaws.com
ad.360yield.com
10    3.225.60.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-60-89.compute-1.amazonaws.com
ads.yieldmo.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
61    2607:f8b0:4006:81e::2006 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    52.85.61.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-121.ewr53.r.cloudfront.net
services.brid.tv
2    23.205.56.163 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com
sync.teads.tv
6    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
googleads4.g.doubleclick.net
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    52.36.124.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-124-159.us-west-2.compute.amazonaws.com
scotiabank.demdex.net
5    2607:f8b0:4006:81e::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
4    54.36.150.183 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip183.ip-54-36-150.eu
cookie-matching.mediarithmics.com
1    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    3.219.110.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-110-236.compute-1.amazonaws.com
fksnk.com
3    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    2600:1f18:1c96:4102:b9ab:f4:b89e:5480 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
clarium.global.ssl.fastly.net
14    2404:6800:4005:815::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    72.251.229.176 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
4    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    143.204.146.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-27.ewr52.r.cloudfront.net
aa.agkn.com
1    35.169.70.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-70-139.compute-1.amazonaws.com
rtb.adentifi.com
1    52.5.51.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-51-141.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    4.78.226.233 (Fort Worth, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
2    54.84.62.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-62-20.compute-1.amazonaws.com
pm.w55c.net
8    35.169.131.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-131-238.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    23.217.18.198 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-18-198.deploy.static.akamaitechnologies.com
px.owneriq.net
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    74.222.140.101 (United States)

ASN35908 (VPLSNET, US)
PTR: 74.222.140.101.CUSTOMER.VPLS.NET
match.bnmla.com
2    35.171.38.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-38-224.compute-1.amazonaws.com
io.narrative.io
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
12    2607:f8b0:4006:80a::200a (None, )

ASN- ()
imasdk.googleapis.com
6    172.253.115.155 (None, )

ASN- ()
bid.g.doubleclick.net
6    2607:f8b0:4006:822::200e (None, )

ASN- ()
gcdn.2mdn.net
12    2607:f8b0:4020:1::8 (None, )

ASN- ()
r3---sn-t0a7ln7d.c.2mdn.net
14    162.19.80.92 (None, )

ASN- ()
c.eu1.dyntrk.com
1    2600:1f18:612b:4200:fd1:5892:27bc:b9b0 (None, )

ASN- ()
partners.tremorhub.com
4    69.12.8.74 (None, )

ASN- ()
sync.search.spotxchange.com
Apex Domain
Subdomains		 Transfer
175 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
bid.g.doubleclick.net
871 KB
118 googlesyndication.com
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com
247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com
813 KB
104 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 713
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
image2.pubmatic.com — Cisco Umbrella Rank: 1557
image6.pubmatic.com — Cisco Umbrella Rank: 891
image8.pubmatic.com — Cisco Umbrella Rank: 928
simage2.pubmatic.com — Cisco Umbrella Rank: 999
image4.pubmatic.com — Cisco Umbrella Rank: 1518
t.pubmatic.com — Cisco Umbrella Rank: 5050
simage4.pubmatic.com — Cisco Umbrella Rank: 1673
aud.pubmatic.com — Cisco Umbrella Rank: 8829
341 KB
94 krem.com
www.krem.com — Cisco Umbrella Rank: 303831
media.krem.com — Cisco Umbrella Rank: 513514
livevideo01.krem.com — Cisco Umbrella Rank: 364290
4 MB
79 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
gcdn.2mdn.net
r3---sn-t0a7ln7d.c.2mdn.net
13 MB
79 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
r.casalemedia.com — Cisco Umbrella Rank: 1020
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
dsum.casalemedia.com — Cisco Umbrella Rank: 2337
ssum.casalemedia.com — Cisco Umbrella Rank: 1950
100 KB
70 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 4936
sync.serverbid.com — Cisco Umbrella Rank: 12334
x.serverbid.com — Cisco Umbrella Rank: 12177
270 KB
53 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1042
trc.taboola.com — Cisco Umbrella Rank: 918
vidstat.taboola.com — Cisco Umbrella Rank: 2985
us-trc-events.taboola.com — Cisco Umbrella Rank: 7678
images.taboola.com — Cisco Umbrella Rank: 1875
imprnjmp.taboola.com — Cisco Umbrella Rank: 9520
us-match.taboola.com — Cisco Umbrella Rank: 9760
us-vid-events.taboola.com — Cisco Umbrella Rank: 8723
sync.taboola.com — Cisco Umbrella Rank: 1545
sync-t1.taboola.com — Cisco Umbrella Rank: 1485
match.taboola.com — Cisco Umbrella Rank: 4406
pips.taboola.com — Cisco Umbrella Rank: 397303
cds.taboola.com — Cisco Umbrella Rank: 2547
vidstatb.taboola.com — Cisco Umbrella Rank: 7760
3 MB
48 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
s.amazon-adsystem.com — Cisco Umbrella Rank: 415
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
77 KB
42 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
19 KB
40 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
775 KB
37 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4229
cdn.undertone.com — Cisco Umbrella Rank: 9415
usr.undertone.com — Cisco Umbrella Rank: 6298
24 KB
34 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1325
token.rubiconproject.com — Cisco Umbrella Rank: 1115
64 KB
31 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
15 KB
30 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
ads.yahoo.com — Cisco Umbrella Rank: 3595
14 KB
27 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
dis.criteo.com — Cisco Umbrella Rank: 946
15 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
secure.adnxs.com — Cisco Umbrella Rank: 725
23 KB
25 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 3166
btlr.sharethrough.com — Cisco Umbrella Rank: 1586
match.sharethrough.com — Cisco Umbrella Rank: 799
85 KB
25 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 142
72 KB
24 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1623
usersync.gumgum.com — Cisco Umbrella Rank: 3001
7 KB
24 openx.net
us-u.openx.net — Cisco Umbrella Rank: 708
rtb.openx.net — Cisco Umbrella Rank: 2282
u.openx.net — Cisco Umbrella Rank: 975
3 KB
20 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 3517
cs.emxdgt.com — Cisco Umbrella Rank: 1371
e1.emxdgt.com — Cisco Umbrella Rank: 1942
12 KB
20 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1490
id5-sync.com — Cisco Umbrella Rank: 636
42 KB
19 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
imasdk.googleapis.com
763 KB
19 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
ce.lijit.com — Cisco Umbrella Rank: 1411
15 KB
18 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
9 KB
18 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 10104
tagger.opecloud.com — Cisco Umbrella Rank: 4690
tegna.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 40668
16 KB
17 dyntrk.com
c.us1.dyntrk.com — Cisco Umbrella Rank: 3029
gu.dyntrk.com — Cisco Umbrella Rank: 2124
c.eu1.dyntrk.com
12 KB
14 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5194
casale-match.dotomi.com — Cisco Umbrella Rank: 3934
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 8854
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 12240
5 KB
12 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 9615
ads.yieldmo.com — Cisco Umbrella Rank: 985
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 15157
5 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 845
7 KB
12 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1632
9 KB
11 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 826
tags.bluekai.com — Cisco Umbrella Rank: 767
7 KB
11 simpli.fi
tag.simpli.fi Failed
um.simpli.fi — Cisco Umbrella Rank: 1468
5 KB
10 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
7 KB
10 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
sync.smartadserver.com — Cisco Umbrella Rank: 2430
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 842
3 KB
9 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
scotiabank.demdex.net — Cisco Umbrella Rank: 55710
8 KB
9 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1087
id.crwdcntrl.net — Cisco Umbrella Rank: 2151
5 KB
9 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
6 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 757
1 KB
9 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2028
idsync.rlcdn.com — Cisco Umbrella Rank: 607
api.rlcdn.com — Cisco Umbrella Rank: 1084
37 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
364 KB
9 akamaized.net
amp.akamaized.net — Cisco Umbrella Rank: 13711
225 KB
8 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2522
5 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
6 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
4 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 1015
cm.adform.net — Cisco Umbrella Rank: 2156
3 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 730
137 KB
7 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1612
1 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 894
3 KB
7 google.ca
www.google.ca — Cisco Umbrella Rank: 7394
adservice.google.ca — Cisco Umbrella Rank: 13273
2 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 838
5 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 949
rtd-tm.everesttech.net — Cisco Umbrella Rank: 3872
963 B
6 consumable.com
yummy.consumable.com — Cisco Umbrella Rank: 31674
260 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1205
4 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 846
3 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
cdn.indexww.com — Cisco Umbrella Rank: 2169
6 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
4 KB
5 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 962
945 B
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 4652
2 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 2651
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1041
1 KB
4 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 691
cms.quantserve.com — Cisco Umbrella Rank: 1531
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1116
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
2 KB
4 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 3318
1 KB
4 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 7089
70 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1659
2 KB
4 tegnadigital.com
livevideo.tegnadigital.com — Cisco Umbrella Rank: 41536
4 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1505
s.tribalfusion.com — Cisco Umbrella Rank: 3853
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1431
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1268
r.turn.com — Cisco Umbrella Rank: 5065
1 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1399
911 B
3 company-target.com
s.company-target.com — Cisco Umbrella Rank: 6405
735 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 741
1010 B
3 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 4905
1 KB
3 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 2416
525 B
3 bing.com
c.bing.com — Cisco Umbrella Rank: 408
1 KB
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1710
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 811
1 KB
3 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 4811
3 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 6317
643 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1924
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1307
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 9671
965 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1910
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 8004
625 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25218
2 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2381
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2044
777 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1510
637 B
2 brid.tv
services.brid.tv — Cisco Umbrella Rank: 18125
82 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 848
623 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6886
747 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 6166
562 B
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2435
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 3128 Failed
mweb.ck.inmobi.com — Cisco Umbrella Rank: 6301
966 B
2 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 2906
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1133
612 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4500
898 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 6262
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
41 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 991
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3765
33 KB
2 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1165
36 KB
2 signalr.net
tgna-ux-east2.service.signalr.net — Cisco Umbrella Rank: 53115
464 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 4294
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5242
461 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 4523
900 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 4048
291 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8020
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 9837
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 3894
395 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1389
332 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10368
322 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2164
35 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
658 B
1 fastly.net
clarium.global.ssl.fastly.net — Cisco Umbrella Rank: 13281
38 KB
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 3857
59 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 4047
172 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 7488
615 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3482
464 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4119
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1563
341 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1511
839 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2942
426 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 819
622 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 6550
270 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1970
537 B
1 vrtcal.com
usync.vrtcal.com — Cisco Umbrella Rank: 51894
270 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5748
389 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1634
537 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 7365
614 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2075
594 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1893
326 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1040
321 B
1171 139
Domain Requested by
119 cm.g.doubleclick.net 37 redirects www.krem.com
eb2.3lift.com
u.openx.net
sync-amz.ads.yieldmo.com
rtb.gumgum.com
googleads.g.doubleclick.net
eus.rubiconproject.com
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
61 s0.2mdn.net www.krem.com
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
s0.2mdn.net
57 www.krem.com 1 redirects www.krem.com
54 pagead2.googlesyndication.com e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
www.krem.com
securepubads.g.doubleclick.net
52 tpc.googlesyndication.com securepubads.g.doubleclick.net
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.krem.com
imasdk.googleapis.com
43 x.serverbid.com sync.serverbid.com
www.krem.com
vid.vidoomy.com
ads.pubmatic.com
41 dsum-sec.casalemedia.com 7 redirects r.casalemedia.com
ssum-sec.casalemedia.com
um2.eqads.com
googleads.g.doubleclick.net
37 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.krem.com
yummy.consumable.com
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
32 eb2.3lift.com 10 redirects ads.pubmatic.com
eb2.3lift.com
www.krem.com
31 match.adsrvr.org 24 redirects cdn.undertone.com
sync.serverbid.com
r.casalemedia.com
rtb.gumgum.com
ads.pubmatic.com
30 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
eb2.3lift.com
s.amazon-adsystem.com
r.casalemedia.com
ssum-sec.casalemedia.com
match.sharethrough.com
u.openx.net
ap.lijit.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
bh.contextweb.com
eus.rubiconproject.com
ads.pubmatic.com
30 media.krem.com www.krem.com
24 simage2.pubmatic.com 8 redirects www.krem.com
ads.pubmatic.com
24 usr.undertone.com cdn.undertone.com
r.casalemedia.com
eus.rubiconproject.com
22 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
22 ib.adnxs.com 18 redirects cdn.undertone.com
googleads.g.doubleclick.net
21 ssum-sec.casalemedia.com 11 redirects js-sec.indexww.com
r.casalemedia.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
19 ups.analytics.yahoo.com 17 redirects www.krem.com
19 id5-sync.com 16 redirects cdn.id5-sync.com
www.krem.com
ads.pubmatic.com
19 e.serverbid.com ads.pubmatic.com
sync.serverbid.com
yummy.consumable.com
19 www.google.com www.krem.com
www.gstatic.com
www.google.com
securepubads.g.doubleclick.net
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
tpc.googlesyndication.com
18 x.bidswitch.net 18 redirects
17 fonts.gstatic.com www.google.com
www.krem.com
fonts.googleapis.com
16 image6.pubmatic.com 10 redirects ads.pubmatic.com
16 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
15 images.taboola.com www.krem.com
14 c.eu1.dyntrk.com 14 redirects
14 csi.gstatic.com securepubads.g.doubleclick.net
imasdk.googleapis.com
14 ap.lijit.com 13 redirects s.amazon-adsystem.com
14 image8.pubmatic.com 14 redirects
14 match.sharethrough.com 3 redirects www.krem.com
s.amazon-adsystem.com
match.sharethrough.com
13 tegna.profiles.tagger.opecloud.com tags.tiqcdn.com
12 r3---sn-t0a7ln7d.c.2mdn.net e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
12 imasdk.googleapis.com e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
12 us-u.openx.net 9 redirects u.openx.net
googleads.g.doubleclick.net
12 b1sync.zemanta.com 12 redirects
12 sync.go.sonobi.com 11 redirects www.krem.com
12 ads.pubmatic.com tags.tiqcdn.com
ads.pubmatic.com
sync.serverbid.com
s.amazon-adsystem.com
rtb.gumgum.com
yummy.consumable.com
11 t.pubmatic.com www.krem.com
ads.pubmatic.com
11 um.simpli.fi 10 redirects ads.pubmatic.com
10 ads.yieldmo.com 7 redirects sync-amz.ads.yieldmo.com
10 cs.emxdgt.com 10 redirects
10 pixel.rubiconproject.com 7 redirects eus.rubiconproject.com
10 eus.rubiconproject.com cdn.undertone.com
eus.rubiconproject.com
s.amazon-adsystem.com
rtb.gumgum.com
10 pr-bh.ybp.yahoo.com 6 redirects r.casalemedia.com
u.openx.net
ssum-sec.casalemedia.com
10 e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10 sync.mathtag.com 10 redirects
10 btlr.sharethrough.com ads.pubmatic.com
10 hb.undertone.com ads.pubmatic.com
10 tlx.3lift.com ads.pubmatic.com
10 bidder.criteo.com ads.pubmatic.com
10 htlb.casalemedia.com ads.pubmatic.com
10 hbopenbid.pubmatic.com ads.pubmatic.com
10 cdn.taboola.com tags.tiqcdn.com
cdn.taboola.com
www.krem.com
9 rtb.openx.net 9 redirects
9 pixel-sync.sitescout.com 9 redirects
9 pixel.tapad.com 8 redirects www.krem.com
9 hb.emxdgt.com ads.pubmatic.com
9 www.googletagservices.com tags.tiqcdn.com
securepubads.g.doubleclick.net
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
yummy.consumable.com
9 www.gstatic.com www.google.com
www.gstatic.com
9 amp.akamaized.net www.krem.com
amp.akamaized.net
8 beacon.lynx.cognitivlabs.com 7 redirects ads.pubmatic.com
8 sync.1rx.io 8 redirects
8 gum.criteo.com 4 redirects static.criteo.net
8 prebid.a-mo.net 8 redirects
8 sync.serverbid.com ads.pubmatic.com
sync.serverbid.com
yummy.consumable.com
8 cdn.cookielaw.org www.krem.com
cdn.cookielaw.org
7 mug.criteo.com www.krem.com
7 fonts.googleapis.com yummy.consumable.com
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
7 sync.smartadserver.com 4 redirects sync.serverbid.com
7 idsync.rlcdn.com 4 redirects cdn.undertone.com
7 dpm.demdex.net 3 redirects cdn.undertone.com
r.casalemedia.com
7 sync.crwdcntrl.net 6 redirects www.krem.com
7 pixel.advertising.com 7 redirects
7 px.ads.linkedin.com 6 redirects eus.rubiconproject.com
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
www.krem.com
7 livevideo01.krem.com amp.akamaized.net
6 gcdn.2mdn.net 6 redirects
6 bid.g.doubleclick.net imasdk.googleapis.com
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.krem.com
6 googleads.g.doubleclick.net e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
www.krem.com
6 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
www.krem.com
6 yummy.consumable.com www.krem.com
yummy.consumable.com
6 p.rfihub.com 6 redirects
6 pubmatic-match.dotomi.com 6 redirects
6 stags.bluekai.com 6 redirects
6 adservice.google.com securepubads.g.doubleclick.net
6 adservice.google.ca securepubads.g.doubleclick.net
6 match.prod.bidr.io 6 redirects
6 trc.taboola.com 1 redirects cdn.taboola.com
www.krem.com
6 sb.scorecardresearch.com 2 redirects cdn.taboola.com
www.krem.com
5 token.rubiconproject.com 5 redirects
5 ce.lijit.com ap.lijit.com
www.krem.com
5 pixel-us-east.rubiconproject.com 5 redirects
5 tags.bluekai.com 1 redirects cdn.undertone.com
www.krem.com
5 image4.pubmatic.com 5 redirects
5 c1.adform.net 5 redirects
5 p.adsymptotic.com 2 redirects eb2.3lift.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 pixel.onaudience.com 4 redirects
4 simage4.pubmatic.com ads.pubmatic.com
4 cookie-matching.mediarithmics.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 casale-match.dotomi.com 4 redirects
4 sync-tm.everesttech.net r.casalemedia.com
u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
4 sync.srv.stackadapt.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 sync.colossusssp.com 1 redirects sync.serverbid.com
4 vid.vidoomy.com sync.serverbid.com
4 sync.ipredictive.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 r.casalemedia.com cdn.undertone.com
r.casalemedia.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 tagger.opecloud.com 3 redirects www.krem.com
4 livevideo.tegnadigital.com amp.akamaized.net
3 sync-t1.taboola.com www.krem.com
3 sync.taboola.com 2 redirects www.krem.com
3 rtb.mfadsrvr.com 3 redirects
3 secure.adnxs.com 3 redirects
3 pixel.quantserve.com 3 redirects
3 cdn.indexww.com ssum-sec.casalemedia.com
3 match.deepintent.com 2 redirects ssum-sec.casalemedia.com
3 u.openx.net 1 redirects s.amazon-adsystem.com
www.krem.com
3 s.company-target.com 3 redirects
3 cm.adform.net sync.serverbid.com
3 beacon.krxd.net cdn.undertone.com
3 cw.addthis.com cdn.undertone.com
3 cs.admanmedia.com cdn.undertone.com
3 c.bing.com eb2.3lift.com
3 sync.technoratimedia.com 3 redirects
3 creativecdn.com 3 redirects
3 cdn.undertone.com ads.pubmatic.com
3 js-sec.indexww.com ads.pubmatic.com
3 biddr.brealtime.com ads.pubmatic.com
3 us-trc-events.taboola.com www.krem.com
2 id.crwdcntrl.net ads.pubmatic.com
2 io.narrative.io 1 redirects www.krem.com
2 px.owneriq.net 2 redirects
2 pm.w55c.net 2 redirects
2 pmp.mxptint.net 1 redirects www.krem.com
2 uipglob.semasio.net 1 redirects www.krem.com
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 cm.adgrx.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 match.taboola.com www.krem.com
ads.pubmatic.com
2 rtd-tm.everesttech.net 2 redirects
2 dis.criteo.com 2 redirects
2 scotiabank.demdex.net s0.2mdn.net
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 services.brid.tv yummy.consumable.com
2 pulsepoint-match.dotomi.com 2 redirects
2 yieldmo-match.dotomi.com 2 redirects
2 ad.360yield.com 2 redirects
2 pool.admedo.com 2 redirects
2 um2.eqads.com 1 redirects r.casalemedia.com
2 ums.acuityplatform.com 2 redirects
2 ad.turn.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 rtb.gumgum.com s.amazon-adsystem.com
www.krem.com
2 sync.extend.tv 2 redirects
2 gu.dyntrk.com 2 redirects
2 pippio.com 2 redirects
2 ads.avct.cloud 2 redirects
2 ads.creative-serving.com 2 redirects
2 us-match.taboola.com vidstat.taboola.com
2 static.criteo.net securepubads.g.doubleclick.net
ads.pubmatic.com
2 ssbsync.smartadserver.com 1 redirects www.krem.com
2 s.ad.smaato.net 2 redirects
2 www.google-analytics.com tags.tiqcdn.com
www.krem.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 tags.tiqcdn.com www.krem.com
tags.tiqcdn.com
2 tgna-ux-east2.service.signalr.net www.krem.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 ssum.casalemedia.com 1 redirects
1 vidstatb.taboola.com www.krem.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.bnmla.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 csync.loopme.me 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 rtb.adentifi.com www.krem.com
1 aa.agkn.com www.krem.com
1 aud.pubmatic.com www.krem.com
1 247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 clarium.global.ssl.fastly.net www.krem.com
1 15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 cs.chocolateplatform.com e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
1 tr.blismedia.com e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
1 s.tribalfusion.com e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
1 cms.quantserve.com 1 redirects
1 r.turn.com e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
1 fksnk.com 1 redirects
1 t.adx.opera.com www.krem.com
1 s.uuidksinc.net www.krem.com
1 visitor.omnitagjs.com www.krem.com
1 e1.emxdgt.com www.krem.com
1 rtb-csync.smartadserver.com www.krem.com
1 api.rlcdn.com ads.pubmatic.com
1 ads.yahoo.com eus.rubiconproject.com
1 tg.socdm.com 1 redirects
1 sync-pm.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 aorta.clickagy.com 1 redirects
1 contextual.media.net ap.lijit.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 sync.inmobi.com s.amazon-adsystem.com
1 jadserve.postrelease.com 1 redirects
1 usync.vrtcal.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 us-vid-events.taboola.com www.krem.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 ssc-cms.33across.com 1 redirects
1 c.us1.dyntrk.com 1 redirects
1 server.cpmstar.com 1 redirects
1 www.google.ca www.krem.com
1 geo.privacymanager.io ats.rlcdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com www.krem.com
1 ats.rlcdn.com www.krem.com
1 cdn.opecloud.com tags.tiqcdn.com
1 native.sharethrough.com tags.tiqcdn.com
1 geolocation.onetrust.com cdn.cookielaw.org
0 tag.simpli.fi Failed tags.tiqcdn.com
1171 234
Subject Issuer Validity Valid
www.kagstv.com
DigiCert SHA2 Secure Server CA		 2021-12-18 -
2022-12-20		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.tegna-media.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-28 -
2022-11-29		 8 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.service.signalr.net
Microsoft Azure TLS Issuing CA 02		 2022-08-08 -
2023-08-03		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
livevideo01.dailyblastlive.com
R3		 2022-07-06 -
2022-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
cdn.opecloud.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
livevideo01.king5.com
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.profiles.tagger.opecloud.com
Amazon		 2022-01-26 -
2023-02-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
*.consumableaudio.com
R3		 2022-07-05 -
2022-10-03		 3 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
sync.serverbid.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
consumable.com
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
um3.eqads.com
Amazon		 2022-06-11 -
2023-07-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
brid.tv
Amazon		 2022-01-19 -
2023-02-17		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-06-28 -
2022-09-26		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
truffle.bid
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-08-30 -
2022-11-08		 2 months crt.sh

This page contains 141 frames:

Primary Page: https://www.krem.com/
Frame ID: 8A1E652AF91D77AD2E14BFB02536DA95
Requests: 343 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Frame ID: A5BC2D2120ABEB14D97398BA770B961B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
Frame ID: BAB870624E566329FDF7D24C3E796C48
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Frame ID: AAD7E8D7CAF8A321B23392EAE110CEE5
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: FC4EC15EA3D91A0E43BB62D3138621D0
Requests: 11 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000210.html
Frame ID: 1F636E5866FC7E87CBF01BE386587E4D
Requests: 16 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A4EB6A5070CFE6F65826CD102C4BB7E7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EB7995183C395DD523249AF57514141A
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000210.html
Frame ID: C4B4E35BD0567389DFD0DAED37DBFD52
Requests: 15 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 27347ACC0CF92396DAA830615842AF7D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: C3C39C73D9F9006D795632CEB8A1EFA9
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: 9CA19704B8B60550ED3F0C4612318D7F
Requests: 15 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CE4FA6BBDFD5F23C33F7FA04D3A89FA6
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: EEF7CC819546FF119764FEF4F7AE9E5D
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000210.html
Frame ID: 519E40720B5E8FCB960EBB05B6B6039C
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Frame ID: D7D6411412EC8CC2DE9069672FE51AC1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: C5F42EFEC46350E5D2190B16DD04A708
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Frame ID: 915ED45D7FBE8433D9FA1EE7AD29D454
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Frame ID: BC4D0F35165FEB169061D27ED3C5A163
Requests: 13 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: 143E078A4A5F5AAEAD8D5A468DF8235D
Requests: 15 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A3DC921AE48C79B72CAEC295ADE5FD76
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Frame ID: 34285F71A5829998354DDA22F1FA23CD
Requests: 1 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA7EB5F709593F89048FAFC0A10CD54A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq9xzCZFTL_9IIk-dyCgWmE1czU99oWgWXsnm_JK3jw_dbsm8ag_E5f3N8XNex-xZayXfXN5P2lPyy9jBWN8VLune3eXg95dgaHxL-DARpHEJ_PkLMdeshc69YreRitjfkhE_LhEBZQSfVyND6OpgmxzkShyw6MFjep_zKkDVXQAR7Az52-blMzvG7NWdsuokyFkKOkhApCosfd58zbEcfNvInLgZYs8SNHtMs53TeS5Vd_LOfdrVAtKyJ0rhi_kwJs3FOrUoWh6ONAc__Jy8Sv6grjMDYyVUHt_ddylmwyT3gEnBk6o1F5egve0u3OQmfesvo1ulXIrr7krqcLQr1zT2JLBcLPghdBIIi7AvduA4lBP8l49ND&sai=AMfl-YSw1QSmg1G3aoWdAoikhi3g4JqKfAAD37GpN7h9Gm_7KzbNPxDsAHZCBFcgOljzOe32TK4n9dzYMe-H7vz1n2LH_8_C9Q-4HiSiiAbPkOMWScjs1IwUOOTn106pow&sig=Cg0ArKJSzKhn5wNCTtxhEAE&uach_m=[UACH]&adurl=
Frame ID: 706C9C55DE9A4558F55C54604C80450F
Requests: 8 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&cmcv=&pix=undefined&cb=1663018651501&uv=3223&tms=1663018651501&abt=inc_all_video_vA!nrlc_vA!ntvc_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=e788bfd9-9333-478f-8573-958134a6b89d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6E6CBDA69C2DACC8BBC3757E5AF7A92F
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2D0EE7E40FCE2B62F09BA17479283E7C
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 0CE252AFC85A6FAECA779865289C3EBB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D63A5DAD6811FD6E76661FAC8FC45BC0
Requests: 11 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 3074764C0D9D0DC75F669E21D479D102
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: B610D5DB011354C97740A7F64FB0C46F
Requests: 2 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 63F0F0FA60437A775529E8E1374BADAA
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: A0002175FB9626A16275DC770165EFD0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: AB89D66C5801A40B31DFFFBC3167673E
Requests: 10 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Frame ID: B39EA3EB945D0737681BEDD83F73EEA9
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 0C8B37377362D4E59D7E0BAB43205B07
Requests: 2 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Frame ID: F2EF8AB2A675976218614AE1C9C3912F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: C1804D188DF3229DD9A46DB926D0EF8E
Requests: 2 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Frame ID: 2E2BE61BEA7D6C03DBFAA69FB0ACDEFF
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXCbS7Gu7Q0b2LqniMIVtUeXyj7ABSJmIFBmW2lK4XNMO5-fiGo2hlPJ1vGgpIDNjX3FufIHHJcqrergv_K4s5nIjw2FD1p-FeqhrhEFGOrjBc7KO0E-SWDY11I6Q7fR_yXaqYztWrAOKNaxTN8o-HVPsRQCzcsq8XeqBGq7VMkFSUSm7XbYuhbgBb88VPy0rQgsd5kYCKD_FI5OypJm5aEuEmRop5IAjtsZuMEjBwiZtR_1DIWrlrwXU3v_zuPgrpoxUi7Ee5BbsDIKhGlaLPngmraZfE8TKk7xaMUNSEB50uaiUwbyfx_YyCZCVY4FttuUEp4ZsG9N9ZXetJ340l5KbX0LdlaGKR8IerQRyJojHk3rVLnFo&sai=AMfl-YTX3uwdBidr-o5ZasWS9u9cx8rQLbUm-hBJytxOzLo0xTaaMZHZQ7Y_VQCUBqST4PsAgz4ASZNsVKbx6JG3ld8_Um09mJhSG-dhXfydByi56qoSUcRfF3gks2uf6gM&sig=Cg0ArKJSzJh68vKBdd6nEAE&uach_m=[UACH]&adurl=
Frame ID: 01E2F1A5FC7085696FB9D5CD5EE11ABB
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: A2C379C2C877E3443D851690FB6B15CA
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrx3S2CFcPR67QzK2NEfHXpOSAuzfU4IvEnaCpkNpdljvPkJLBlgqoyomqhIFw1RfP71J3BL6NsUY5wdqucg4Jo7V_hGpEEM936rHyCp1pi-QoJyQKXt7qH2Ry8wdBij1WS8JevzUYZLOEkpR9ZIiomFPDhl8EnTXP47jnTsC9QoDqsERmVE5so5MSgEe1XGTep516z6-4o3rmzHaqUeNfJU3BrHjnPjY-RD4MS3SraX75dAhgJuXlGfExSLVKXPg41-ZPIvAVSIAkB4j8e3yjG-lMyPqkyZ20vmVqVXSvY4LndxgSVfl1wFBPiELpJtttOj4i0TqMUmHKpA_0ULClHmlhwJqBxdBnbztatJVhQqJY7LlJb6SFlbZ_PA&sai=AMfl-YRU7jjmd7iZrWcWVU0SRVJrz7XztuR_oUvnhWAyEsW4_BYuZd9Fw2ZcUqkJBuKJjO-Psw7Iy5nCTBghOF0hPpAHQG8z2zXvRULC76LbmzIRCmaOEQbe6DuEfTuvCwk&sig=Cg0ArKJSzFoc2pIH2m8DEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 973D0B26A85B4F99F5167FB4A842EB2C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 758CBE16D5C93644009AE272D47AB38E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E5E605075500638487E894945E5DD024
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 08BEBBDF0328F9D23FEBFE05362789D9
Requests: 10 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 19ADC31D5BB5EA4329D5E629D2D173C7
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.krem.com
Frame ID: F095810486807E92128F9E61D6C82902
Requests: 2 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46217F31A69048D2E649075F462E756C
Requests: 15 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 4DF1B400485F7371C1D27C09919B7349
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 8370BDED7317BFA94F3C2CA8009FA028
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 56C80BDC525A6E05BA3BCF63E7450F4B
Requests: 7 HTTP requests in this frame

Frame: https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Frame ID: 18C25AEA03647BC28B9D44B8F3BFB28E
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 75A2B89E7D21B63D23D2CD714B31F1E9
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: D7C8E66E1C0B21B590989686BCEF0459
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 38096138FD0875A844D5F8F9FEECD346
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 88CA0DA96ABCECDB6EE0EC762756442A
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 099614EE0E270C29A0E44785D6D53452
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1UbGUyM2VSRTJ1S3JEQm1BNUwzemplMzFxaHNueGVHZH5B
Frame ID: CB7426D647D57B1A5822286F6041764A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6740448256026770921&ex=appnexus.com
Frame ID: DDF23DDDD1DB69F44A25ECBA82BDE776
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 3F721C6D5E55F12BDCF8495446941371
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3925327059705463040423
Frame ID: 42E49E5DE3165A8EE0F3801A5DDD247B
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 93A6583782B95D11D1AAAA7720F401DD
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Frame ID: E7CBABA305B658ECAEB90702138C6DD8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y0Na3wAEwAQ&v=APEucNUyTR6M9tlUJED5JHzYhcZLN-IiXJxO9JjtLse-QL5R5GZLh4YR0BGGw0OrrfuLp_sDevfkSmoxareMetW0XOx7X4JV4w
Frame ID: 8C54C91FB7CF5893571F1CD004B88BC7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfHIxD_1ewBGIizmdABMAE&v=APEucNW1Ln_WNkBMFz-TbnK1izL9JQbkgSlOd2Xyz6lIrkmlvYQCrwnm-y3F6Jdh-YvtOkJBUrTlry1OkCD-u_34vOxHDd3cog
Frame ID: 4C8EF8ED6A58BC4E138D472F8B8C274F
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
Frame ID: 0BA106760B8CC507E062117E923F42A0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F7441EE85DEEF34813DC83CB6F6042A6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 66C5BC9FEE4ECCC9A2897EEDC550B555
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=3374631f-a69c-4f00-8548-033a1286fef8&gdpr=&gdpr_consent=
Frame ID: AB9111A9E1E871DE2E2A53609C8432E1
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Frame ID: 9D110115B0108748A32B01979D2FDF3C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xOGU0MzVmYy1kZTUzLTQxODEtYWUxZS1iMDI4MWUxZjZiMjE=&gdpr=&gdpr_consent=
Frame ID: 6D17F67EA8D2D30828E085DF6B612320
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=6740448256026770921brt53451663018651931712bd
Frame ID: 98155E804601DA957CD6366C7BB93C45
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Yx.mncCo8YMAACrR0IgAAAAA
Frame ID: F2D419666DD2BBD42135C981C53185D6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Yx.mm01KsayL.r.TyKhWBAAA%262923
Frame ID: C40E954A91D83708BC38BE0BC97EA4B0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Qqm1WMvcgGOkNCUxBBU6&pi=gumgum
Frame ID: 84205D006020D577726BE16C6472D139
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 78AA8795876CE2A1ACEC53BDD8508BA1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D1E225DFB0DB342DAD5C251CAA1BDBB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B778225A422EA9AC5387A0A19C865A46
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31B16EA4DE21663B5F843373A55721AC
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Frame ID: 3B703A322195B1CA7C54EA18CE5893D4
Requests: 28 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L7ZAD86L-U-LLYM
Frame ID: A389F5F1990BCEE28CB33530D3DC8379
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C5F0F0675E3A51FA79743279EB2FEEA5
Requests: 3 HTTP requests in this frame

Frame: https://15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: CD364616B28A402AAEA80800D9E3AAF3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOqLxaKd4U5Bu6hPRU8W4mdyt3RrLSiSRhiQHDmDCWFMXJrtS0IilJyiFlYCvkOod17LqqmXQhZb7JWs02sBFmp1-v4IVyYHNXKfVxHsZnFhtZkNjtH-iVvAGyQ2Yn7AkpubenLobFbz-9qixv4-DIGEVS48EMrgg8dCoVyZwyxS4uNPzotG6OsQFxkyw0FqYzpwSrOrWvhph_B3_0mYCSTdpAZFAGOqr4rGFz2lOlazuUinHiwnbm36FA8_MQADX8xVs9hT9r51j-tCwwctlkOs-C2uPeMI3AxixFC6mdpIt6paRptJIASggbn3rGiLZF9XZocLO1g2DOzH_bxNVtmzHeANOa-YEDfz_EjECodoiaH6-Rikb4MPtlFL0EcWIYxZBdzRs&sai=AMfl-YTihzWhQwvKdGBdUqke4AMsrpcadKY9vCNsL0f04s7VIOvRRosJrWE3ZO6w77h7m7kt1iHh0Pl_ZFqtlHhveAu4dvAlWHNBgNzDAsNLVXQzOkfE8TgNv4CX4Oc0Ngw&sig=Cg0ArKJSzHIh0yTdWeAjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 36222A0B9F60412474BE362C23B3A43A
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 4FC88680366A2F83E902128352777306
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39A1C04EAD43187BFC5B57B3A1183FC1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8359C3921C497B874FAE73B250BE0C4D
Requests: 2 HTTP requests in this frame

Frame: https://247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: 003A80D2C8950A29A9AC3C0AA4B0B3A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E78620469D317011CE534F4448181E68
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD775345E7C26133C0782EE1CD56A384
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1d49be3a-32e3-11ed-94f2-677f45bc236b
Frame ID: A5C8909AB6107B22B4266741CB6AEFF1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ded8d05cbe0549d4aaea1
Frame ID: 00921E05152B5F9BE4AFB105F53B34A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5803CFCBFC5139AD01851914A353502C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IEik9TknQUVu429l2S6RgZU4mbU
Frame ID: CE0D460A2B86E0600FCFD8E77E609F99
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:a6VH6ePW1OxR7x5&gdpr=0&gdpr_consent=
Frame ID: DFB11BAE99AE481F6C3DA51EEB38556F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=692474668868
Frame ID: B038835B218CD8B883FDCE6F410F93F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Frame ID: 2277CA8E1E745B260A35CE4322F7EF59
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: D081D2CF3A7E92C29B1EC16D121F3EA9
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6D8B85BE3CEE1B777AA48282B4BA3ADE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: DCE5E37DF5230BD593F4E2D8B375FDA6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7163050551832802892
Frame ID: CCE936D1065745DCA91DD9D6BAC9BF8C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: DEECBF64094183CC28F7D94E2566A7E4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=VCRczv1jBNucJV6jn6YfYw
Frame ID: 14C3342089C82E93D2F2F40D716E5990
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 41220698D22A0825BE195202A2BC5BEE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: B4A998CB815AF59BE158A5C3E3652DC7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=Iuo35QDap
Frame ID: 9FD65213BD9F023FB6805A92D75CFFAF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b757b3fd-5c48-4f82-8ee8-ea2d7cbe9229
Frame ID: 12A2C4AE753DEE3C5C5F1FE764B9FD4E
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/epx
Frame ID: 5777B0A49C33056368F0BF09F3E74DA3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0F544501480B4ED1A98BD63E61B44B8D
Frame ID: 7F140FBC07FAA2A667A6AD904A4AFA84
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: 8E027BD83B592B414FBE7B549DE32E38
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: DD9958531B18E4E4F6E6C1E14613DF53
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: 985D0EC91435BF591D68B1EAECFDF80F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: 62683522137D555ACFB4A9AAD639029A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: C3CACB0A9D6A0914EB90252AAC59F4A6
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: BACD3F417435503D0E501A1C65272C4A
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000210.html
Frame ID: 833C9DA40229FC944183C5062B9040E4
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 91B4C74A8D2CAC0F42EF7E213AB11D6C
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Frame ID: 76F1392B113AEB76BF34DB3A75DE5BDA
Requests: 2 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Frame ID: 47AF979309BF57813C652803C33A4E16
Requests: 1 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 302E9AF19B2DC442619FC1EC71C98288
Requests: 19 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA86B995AA63498414624E7CF49D207D
Requests: 19 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 65551DADA8AC2F354DB666A54F742F61
Requests: 19 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C238D79C850BA0B6049D5A3218773E8
Requests: 18 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 554EB2373F61B4579AB687082D30EDD7
Requests: 19 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9121D496D6DA69FA69B4BBF199B35D2F
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3D21CB6509C3D3F5CB7F4D9EF9BEAA5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49862487558E5B621095152A09BB3F27
Requests: 9 HTTP requests in this frame

Frame: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 874EE7D8DF630F9170CD8CB9E40B3B60
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E13A7B05CB47A0837CC5E64D57D7AB9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y84y3wAEwAQ&v=APEucNUQcKnssh0MYKQ9OgZ2Puc05zKzNHCPcJSgvvtQoYXrjvJYo1pRd-kPpUXDW6YEHDHLwpL0_8vgavBHujFSd__y8u-Yww
Frame ID: DE6243D9DE082FF44760A862A4578D3A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88A7CAF019175D02AE90D281978BE166
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECBBE33803A6AF1EE87B245BF3C5DEC5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 925B7BAE3934438C48D3603DA70B6ADD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 102A6104E9F2C90767C1CA69CDAA978C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 39E4599596CF6541FE336D2384B09F6B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4BBE2BB084A96C37700DB57E8C4DDC2F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Frame ID: 745BF73D0CD6CC171E844BF6CD997508
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0B734AAA4991E79055D48108DD493F4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 50A69C24C1E837D289D3CA3C7DEA7C85
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0980707E409044B896A2120A1E577069
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43F96899FA96D0FF067989A793D3C9E3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 52BADA9208ABBF0FFA8013F344DC6ABD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Spokane's Leading Local News: Weather, Traffic, Sports and more | Spokane, Washington | KREM.com | krem.comBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://www.krem.com/ HTTP 301
    https://www.krem.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

1171
Requests

74 %
HTTPS

20 %
IPv6

139
Domains

234
Subdomains

138
IPs

14
Countries

25655 kB
Transfer

38450 kB
Size

275
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.krem.com/ HTTP 301
    https://www.krem.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132
  • https://sb.scorecardresearch.com/c2/19962895/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 133
  • https://sb.scorecardresearch.com/b?c1=2&c2=19962895&comscorekw=home&category=home&templatetype=index&ns__t=1663018650271&ns_c=UTF-8&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&c7=https%3A%2F%2Fwww.krem.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&comscorekw=home&category=home&templatetype=index&ns__t=1663018650271&ns_c=UTF-8&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&c7=https%3A%2F%2Fwww.krem.com%2F&c9=
Request Chain 144
  • https://tagger.opecloud.com/tegna/v2/pixel.gif?url=https%3A%2F%2Fwww.krem.com%2F&ref=&tref=&tz=0&screen=1600x1200x24&visiturl=https%3A%2F%2Fwww.krem.com%2F&uspstatus=uspoptoutsalenoconsent&e=%5B%7B%22pageType%22%3A%22index%22%2C%22section%22%3A%22home%22%2C%22callLetters%22%3A%22KREM%22%2C%22siteId%22%3A%22293%22%2C%22platform%22%3A%22desktop%22%2C%22type%22%3A%22pageView%22%7D%5D&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b HTTP 302
  • https://tagger.opecloud.com/tegna/v2/pixel.gif?e=%5B%7B%22pageType%22%3A%22index%22%2C%22section%22%3A%22home%22%2C%22callLetters%22%3A%22KREM%22%2C%22siteId%22%3A%22293%22%2C%22platform%22%3A%22desktop%22%2C%22type%22%3A%22pageView%22%7D%5D&tref=&url=https%3A%2F%2Fwww.krem.com%2F&tz=0&trackability-redirect=true&visiturl=https%3A%2F%2Fwww.krem.com%2F&ref=&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&screen=1600x1200x24&uspstatus=uspoptoutsalenoconsent HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-d4MbwwL%2BtzdywBaRgCof3H8%2FxVE%2F1To%3D&source=tegna HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-d4MbwwL%2BtzdywBaRgCof3H8%2FxVE%2F1To%3D&source=tegna&google_tc= HTTP 302
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-d4MbwwL%2BtzdywBaRgCof3H8%2FxVE%2F1To%3D&source=tegna&google_gid=CAESEC9JYtLv-zAHwmXjBK9o_yY&google_cver=1 HTTP 302
  • https://um.simpli.fi/1plusx?state=2-OHyD%2BKG8%2Bw7oCEnRb%2FwuAq%2FzKVj08sA%3D&source=tegna HTTP 302
  • https://tagger.opecloud.com/simplifi/pbfs.gif?puid=0F544501480B4ED1A98BD63E61B44B8D&state=2-OHyD%2BKG8%2Bw7oCEnRb%2FwuAq%2FzKVj08sA%3D&source=tegna
Request Chain 225
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 231
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 238
  • https://eb2.3lift.com/sync?us_privacy=1YNY& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Request Chain 242
  • https://creativecdn.com/cm-notify?pi=sharethrough&us_privacy=1YNY HTTP 302
  • https://creativecdn.com/cm-notify?pi=sharethrough&us_privacy=1YNY&tc=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=Qqm1WMvcgGOkNCUxBBU6&pi=sharethrough&us_privacy=1YNY&tc=1
Request Chain 243
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 303
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&us_privacy=1YNY&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMlRVN0dQMDBBQUEzVllMa2kydw&gdpr=0&gdpr_consent=&us_privacy=1YNY&bee_sync_partners=pm%2Csyn%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csyn%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD2TU7GP00AAA3VYLki2w&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Csas%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD2TU7GP00AAA3VYLki2w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cshr%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,shr&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAD2TU7GP00AAA3VYLki2w
Request Chain 244
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY&us_privacy=1YNY HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY&us_privacy=1YNY HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dsharethrough%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=sharethrough&user_id=17osx15X5LXiVHPVylUJ0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=840b9800-7fd1-40bd-a695-2bd7ac05ae93&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 245
  • https://c.us1.dyntrk.com/adx/dstct/us.php?dynk=d4s3t4c3t&callback=https://match.sharethrough.com/sync/v1?source_id=d5VvCLuDuN8u3E6oruPETyjE&source_user_id=%USERID%&us_privacy=1YNY HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=d5VvCLuDuN8u3E6oruPETyjE
Request Chain 246
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=f9631220-0087-4898-b6ea-0659e15676c2&_origin=1&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=f9631220-0087-4898-b6ea-0659e15676c2&_origin=1&us_privacy=1YNY&verify=true
Request Chain 247
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&us_privacy=1YNY HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=807ffc0a
Request Chain 249
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&_origin=1&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&_origin=1&us_privacy=1YNY&verify=true
Request Chain 250
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X&us_privacy=1YNY HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=211975278567969
Request Chain 252
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Request Chain 254
  • https://id5-sync.com/i/688/8.gif?id5id=ID5*IPbiz0F205FAwCvkEYIAm2gkd1_o4aX062bXuKc9IVciwPQfqRMd_hYZKCoS9dVM&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/688/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F688%2F2%2F7%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/688/2/7/2.gif?puid=6740448256026770921&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/688/3/6/3.gif?puid=20d5631f-a69c-4400-9e92-25efa6b072ff&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/688/429/4/5.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/688/434/3/6.gif?puid=5c63b8fc-35f1-4969-a16b-e4efe07de565&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/688/429/2/7.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/688/108/1/8.gif?puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F429%2F0%2F9.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/688/429/0/9.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
Request Chain 275
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
Request Chain 276
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 278
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
Request Chain 279
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=e4cf503f8d76f79a1506d1b76129ca42
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3925327059705463040423&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=252556e4-8972-4825-a50b-9b9115fa0160&ssp=triplelift&expires=30&user_group=5&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 281
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3925327059705463040423?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
Request Chain 284
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=sLxirMxaRNIjUTPSKkSe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ONGHQ2LSJV4GCUSOJFVFKVCQKNFWWU3F&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ONGHQ2LSJV4GCUSOJFVFKVCQKNFWWU3F HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=sLxirMxaRNIjUTPSKkSe
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
Request Chain 286
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 288
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
Request Chain 289
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=df549f10a127003547161493242c2907
Request Chain 290
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3925327059705463040423&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8514218752795873796&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 291
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3925327059705463040423?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
Request Chain 294
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=9-ix6QKcq2Ib3Qgz91hZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5HEWWS6BWKFFWG4JSJFRDGULHPI4TC2C2&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5HEWWS6BWKFFWG4JSJFRDGULHPI4TC2C2 HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=9-ix6QKcq2Ib3Qgz91hZ
Request Chain 295
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
Request Chain 296
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 298
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
Request Chain 299
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1
Request Chain 300
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3925327059705463040423&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=1821034a-12a8-42b3-8b1d-acccf684ecee&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 301
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3925327059705463040423?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
Request Chain 304
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJKFCYSGMVFFCTKWGN3EUZSONIYUIMRQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJKFCYSGMVFFCTKWGN3EUZSONIYUIMRQ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZTQbFeJQMV3vJfNj1D20
Request Chain 305
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 306
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 308
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
Request Chain 309
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
Request Chain 310
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610652
Request Chain 311
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1G-2SMX
Request Chain 313
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a357b7e2-e2b0-4b8a-928a-c3d6af9c94d4&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=579dcdc4504b0fce&is_secure=true&networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAF3WaMSvO5RwMGhflSAAAAAAA&expiration=1663105052&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
Request Chain 314
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
Request Chain 315
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
Request Chain 317
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Request Chain 319
  • https://idsync.rlcdn.com/403716.gif?partner_uid=a6inav80s9tudcj0jnuelpimu HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3f9a55d8-7e4f-4f8f-bbc3-3c22362a243a
Request Chain 322
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
Request Chain 323
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
Request Chain 325
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1D-BY0G
Request Chain 327
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1a2f2bc6-a0f2-4bed-b2e7-72ecf0af5216&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6407947eb979105c&is_secure=true&networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFz-Z30_6faAMSnnEtAAAAAAA&expiration=1663105052&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
Request Chain 328
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
Request Chain 329
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
Request Chain 331
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Request Chain 333
  • https://idsync.rlcdn.com/403716.gif?partner_uid=a6inav80s9tudcj0jnuelpimu HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIm83-mAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIm83-mAYSBAgCEABCAEoA&google_gid=CAESEDe5beBZdiHhzI-dS-NCNPk&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c594603f-d022-48aa-bb8c-dcd229c131a5
Request Chain 335
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 336
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 338
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
Request Chain 339
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
Request Chain 340
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610651
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
Request Chain 343
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2617dbac-cce6-4337-b447-62fc0b76992c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6e0383f3976e1082&is_secure=true&networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHJavbwZXOgAMpBOU6AAAAAAA&expiration=1663105052&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
Request Chain 344
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2F06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
Request Chain 345
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
Request Chain 347
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Request Chain 349
  • https://idsync.rlcdn.com/403716.gif?partner_uid=a6inav80s9tudcj0jnuelpimu HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGWE2aW5hdjgwczl0dWRjajBqbnVlbHBpbXUQABoNCJvN_pgGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEzSzdmy4bZpheS1EGT37ok&google_cver=1
Request Chain 351
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 356
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F585%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D1b117908-8cf5-4723-a303-61311bb487cb%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
Request Chain 357
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 358
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM/dHR0PTEmc3JjPTImY3NwaT0wJmNuPTkmc3B1aT0mZHB1aT0kRU1YVUlE HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6740448256026770921&redirect=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=$EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM/dHR0PTEmc3JjPTImY3NwaT0wJmNuPTkmc3B1aT0mZHB1aT0kRU1YVUlE HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Request Chain 359
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
Request Chain 360
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Request Chain 361
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Request Chain 363
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 364
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Request Chain 365
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=20006cfe-7779-4bd8-bdbb-2bc987eb53d3
Request Chain 366
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 367
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F696%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0c505aca-d6ee-4f5c-b4ba-e9c94c879ea0%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
Request Chain 368
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 369
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM/dHR0PTEmc3JjPTImY3NwaT0wJmNuPTkmc3B1aT0mZHB1aT0kRU1YVUlE HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6740448256026770921&redirect=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=$EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM/dHR0PTEmc3JjPTImY3NwaT0wJmNuPTkmc3B1aT0mZHB1aT0kRU1YVUlE HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Request Chain 370
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715722
Request Chain 371
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Request Chain 372
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Request Chain 374
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 375
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Request Chain 376
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=22408f9d-3775-47ec-8bd7-6341adfe631c
Request Chain 377
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 381
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F689%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
Request Chain 382
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 383
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM/dHR0PTEmc3JjPTImY3NwaT0wJmNuPTkmc3B1aT0mZHB1aT0kRU1YVUlE HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6740448256026770921&redirect=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=$EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM/dHR0PTEmc3JjPTImY3NwaT0wJmNuPTkmc3B1aT0mZHB1aT0kRU1YVUlE HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Request Chain 384
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=2809753606263793905
Request Chain 385
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Request Chain 386
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Request Chain 388
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 389
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Request Chain 390
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 391
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 422
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1663018652146 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5640700947 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a2c2f461-deb4-4461-8898-1773ade8bb97 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-aa4e4e25-838b-4a7b-b968-928038c26e99-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Request Chain 423
  • https://usync.vrtcal.com/i?ssp=1822&surl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvrtcal.com%26id%3D%24%24VRTCALUSER%24%24 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=83505946c1600b64e9f989f38ad6b6ad
Request Chain 424
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=807ffc0a
Request Chain 425
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$UIDbrt53451663018651931712bd HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6740448256026770921brt53451663018651931712bd
Request Chain 426
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1b01c2e2-c056-47f0-bd84-7b927b71d75d
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mmwIcKW-2scZ9X_0pPgAACoIAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Request Chain 432
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 433
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Request Chain 434
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
Request Chain 435
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_631fa69b36e25
Request Chain 436
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
Request Chain 437
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=dc4f1abb-3b25-417e-98e3-d4a200573e9f
Request Chain 439
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 441
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm7Y6g_DdWxfgsPgA2wAACoIAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Request Chain 443
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=dc7f5226-9998-4e48-a07b-3aa188eb6034
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IEik9TknQUVu429l2S6RgZU4mbU
Request Chain 445
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://tags.bluekai.com/site/17724?id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&redir=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Request Chain 448
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 454
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
Request Chain 467
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 468
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1UbGUyM2VSRTJ1S3JEQm1BNUwzemplMzFxaHNueGVHZH5B
Request Chain 469
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6740448256026770921&ex=appnexus.com
Request Chain 471
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3925327059705463040423
Request Chain 473
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Request Chain 474
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3374631f-a69c-4f00-8548-033a1286fef8
Request Chain 477
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6086858fffe80fce&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJavbwZXOdwNcSdxJAAAAAAA&expiration=1663105052&is_secure=true
Request Chain 478
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WSUKFREMZKKKFGVMM3WJJTE42RRIQZDA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WSUKFREMZKKKFGVMM3WJJTE42RRIQZDA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Request Chain 482
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 484
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Request Chain 485
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=408e7c48-5966-4399-8914-c3c6a6b65ea9
Request Chain 486
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6f72999ddebd105c&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFz-Z30_6fXgN9wDYSAAAAAAA&expiration=1663105052&is_secure=true
Request Chain 487
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
Request Chain 488
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2435504376283644868
Request Chain 490
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 492
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Request Chain 494
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gysV-tQuHf-YLUWp1ysJ_4IqHK-Ye0GshC2rOb5R
Request Chain 495
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
Request Chain 496
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WSUKFREMZKKKFGVMM3WJJTE42RRIQZDA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WSUKFREMZKKKFGVMM3WJJTE42RRIQZDA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
Request Chain 497
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692474668868
Request Chain 499
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 512
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=krem.com&sn=ChromeSyncframe&so=0&topUrl=www.krem.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Zwc4jHxBaTNaVGJTbHZkV3Q4WlNvalhzZkNsYzIxVXNCcG1wNTRUYkd1aStyZzlDOHpaV1pzQU1UTjZOOFQ2VWpub0NtLzJFaWxFdXk4emNQWGRRUllDTkpLS3luTms4cnFWY01zV2JRZXNoS3gwbnRJSXZnVERMVStpczZmMkhQWTdWbjZ5UytGZXpmRkh1YTNuL0RUZCt6dnBObDZOeTB5MGNPWmZ2TkNqWWNGcHdNSnF2djhDK3Y2Yll5akFSSG9KaVY3a1E5UHZKazlhYUJVLy9DdmNURDA0U09oZWRPdUJGaXpsWmhzTFJEQVczZTE5OFBjNkZqdTBCYTNKRTNzdXovSi9yaXJwYUgxeUw0aVZTQUlmNU5xQT09fA&cppv=2
Request Chain 515
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
Request Chain 517
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=
Request Chain 518
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
Request Chain 530
  • https://match.adsrvr.org/track/cmf/openx?oxid=6a5c2abe-b308-79ef-e4ba-bcd10fb145e2&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=6a5c2abe-b308-79ef-e4ba-bcd10fb145e2&gdpr=0&gdpr_consent=
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
Request Chain 535
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=L7ZAD86L-U-LLYM&gdpr=0
Request Chain 536
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=QpOyjRWWuohZleLeFpOuiEOSu9hZw-bbRZUMqZQ1
Request Chain 537
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FTkxeLZHR3PtEe5nScqbdRwo&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:cde53036af8cde50fd4a619efbd06ce7
Request Chain 538
  • https://um.simpli.fi/lj_match?r=1663018652234&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=0F544501480B4ED1A98BD63E61B44B8D
Request Chain 539
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6740448256026770921
Request Chain 542
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Request Chain 543
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
Request Chain 544
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F544501480B4ED1A98BD63E61B44B8D
Request Chain 545
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2TU7GP00AAA3VYLki2w&expiration=1664228252
Request Chain 548
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6740448256026770921
Request Chain 549
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_18e435fc-de53-4181-ae1e-b0281e1f6b21&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=421d6941-3751-417a-beca-0d44d2588bea&user_group=1&ssp=gumgum2&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=840b9800-7fd1-40bd-a695-2bd7ac05ae93
Request Chain 550
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2048a4f5-3927-4145-6ee3-6f65d92e9181$ip$149.56.153.181
Request Chain 551
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_18e435fc-de53-4181-ae1e-b0281e1f6b21&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVNFIULCIZSUUUKNKYZXMSTGJZVDCRBSGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVNFIULCIZSUUUKNKYZXMSTGJZVDCRBSGA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=ZTQbFeJQMV3vJfNj1D20
Request Chain 552
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005&rndcb=1838201642 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93&google_hm=ODQwYjk4MDAtN2ZkMS00MGJkLWE2OTUtMmJkN2FjMDVhZTkz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJIkSYVJMjXRfR2CKRg-8Gc&google_cver=1&ssp=adconductor&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/840b9800-7fd1-40bd-a695-2bd7ac05ae93?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-aa4e4e25-838b-4a7b-b968-928038c26e99-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Request Chain 553
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=lC1EXI0aD2CU&ev=1&pid=558355
Request Chain 554
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_18e435fc-de53-4181-ae1e-b0281e1f6b21&obuid=ENC(-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3D-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96 HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=5B9D3ABC77CC43EB96F43F52A5B43722&obUid=-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96
Request Chain 555
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=9d618ece-9b1d-41b9-83c1-ac3cc7e144a4
Request Chain 556
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-rnLbFv1E2pe6Z7Z9P.AmVBDRCSPIbn_MutNn~A
Request Chain 557
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=2617dbac-cce6-4337-b447-62fc0b76992c
Request Chain 558
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=5B9D3ABC77CC43EB96F43F52A5B43722
Request Chain 559
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_ded8d05cbe0549d4aaea1
Request Chain 560
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=d74363b1-8cf9-47f7-9dba-f66faa471ed2
Request Chain 561
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2362538231446745451
Request Chain 564
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZAD86L-U-LLYM
Request Chain 565
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0C65799C-ADAA-4108-A890-30B257FC431D
Request Chain 567
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=7e463e05fee20fce&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAFnXOksiUFIwNgKSJ4AAAAAAA&expiration=1663105052&is_secure=true
Request Chain 568
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=82fc2787-d2df-4446-b5a8-955c797c6821&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 569
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=L7ZAD86L-U-LLYM HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
Request Chain 570
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=V2lfLUo4T0NPWHQ2dGZYQUNoS0dHUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPd-Cw2z8kyP5TWwqyb-Jvk&google_cver=1
Request Chain 571
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=520c3f65e0d10fce&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHJavbwZXOfwNcIrFdAAAAAAA&expiration=1663105052&nuid=&is_secure=true
Request Chain 574
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
Request Chain 577
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=3374631f-a69c-4f00-8548-033a1286fef8&gdpr=&gdpr_consent=
Request Chain 580
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=6740448256026770921brt53451663018651931712bd
Request Chain 581
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Yx.mncCo8YMAACrR0IgAAAAA
Request Chain 582
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Yx.mm01KsayL.r.TyKhWBAAA%262923
Request Chain 583
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Qqm1WMvcgGOkNCUxBBU6&pi=gumgum
Request Chain 584
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 585
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1
Request Chain 586
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx.mm01KsayL.r.TyKhWBAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Request Chain 587
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOt6pDGycuoIsRz2Jxxpzkc&google_cver=1
Request Chain 588
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc0MDQ0ODI1NjAyNjc3MDkyMQ%3D%3D
Request Chain 593
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
Request Chain 594
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDYzM2Y5NzQtN2E3Zi0yNzRiLWYxNWEtZTY2OGM1NTM4Yjgy
Request Chain 595
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPkEFG1D0E00PTLkqxGduvM&google_cver=1
Request Chain 596
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ1YWQ0NmYtMTBjOS00N2QyLWIxODctMWNjZjA5NjAyMzNl
Request Chain 602
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECvnsTZOaHEN62cZZmFtCBg&google_cver=1
Request Chain 603
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6EA2vAM7SQi9UTE-occvDg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6EA2vAM7SQi9UTE-occvDg
Request Chain 604
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7ZAD86L-U-LLYM&sigv=1&esig=2~5787336264ab8ea3840f52b69da8c7f0c884432d
Request Chain 605
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhM2JlMTBlZmZkMDRmY2FlOWU2Mzg2NGJjOWM4Y2I4NWQxMjZjNA
Request Chain 606
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/81Mu4C4fIWyh3KtZ-cL_kg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8056190942419320372
Request Chain 607
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZAD86L-U-LLYM
Request Chain 608
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=&expires=30
Request Chain 609
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaQUQ4NkwtVS1MTFlN
Request Chain 611
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HqWQn3wzeWZiM0g3UGlTWUxQcVBaWlhzcGFrSWF0cXNIdXlYWldsTVE0NUpqV25WamVGRVZ0NFYzUzRtTWxhbnErdjFSdFJYTjV5cm54bDlLN1FvbVRseGxpMlA5N3ZmcnVvMTF5UmMvdVBONnlDNDJKTXRxSnF5QytuakM0NGZ6WmJ4WFdVOU1PVGtMTlVQOXhsRzN2RzVuUTZVdjQyZlB1Wklid0lTWTdsV2NiWElBTm5JRW8vNmVWVGxzQWpZbWdSaVZSZ2tQMjBaSTJxMzgzbzQzc1FLeWlTSTlwN2JmZXZCWEhyeXhiaXpORTdRNUIvT0pLYit0bzh4VkpEMmFLc1B0djZrY3NhUWJWejVKWitlamR4WERHdz09fA&cppv=2
Request Chain 615
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNY&khaos=L7ZAD86L-U-LLYM HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L7ZAD86L-U-LLYM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Request Chain 631
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L7ZAD86L-U-LLYM
Request Chain 632
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGI9Uifj-bt_OPwUmpTqYqU&google_cver=1
Request Chain 634
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
Request Chain 635
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a2c2f461-deb4-4461-8898-1773ade8bb97
Request Chain 640
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ad4edbbb-b0e1-4769-ae71-4d6147a953a5
Request Chain 641
  • https://id5-sync.com/s/464/9.gif?puid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F6%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/6/2.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/5/3.gif?puid=5c63b8fc-35f1-4969-a16b-e4efe07de565&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F4%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/4/4.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/3/5.gif?puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F2%2F6.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F2%2F6.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yx_mngAAJ4ujOAAE HTTP 302
  • https://id5-sync.com/c/464/136/2/6.gif?puid=Yx_mngAAJ4ujOAAE&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEL79XHD7ziZJi-2KSXW8J2k&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEL79XHD7ziZJi-2KSXW8J2k&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6740448256026770921&opid=apx&ops=&utidl=tech:goo:CAESEL79XHD7ziZJi-2KSXW8J2k&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A29200825567&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=20d5631f-a69c-4400-9e92-25efa6b072ff&gdpr=0&consent=&id5id=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
Request Chain 642
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3D840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=3374631f-a69c-4f00-8548-033a1286fef8&expires=30&ssp=taboola&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=840b9800-7fd1-40bd-a695-2bd7ac05ae93
Request Chain 643
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=82fc2787-d2df-4446-b5a8-955c797c6821 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=82fc2787-d2df-4446-b5a8-955c797c6821&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D82fc2787-d2df-4446-b5a8-955c797c6821&isDirect=0
Request Chain 648
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=IEik9TknQUVu429l2S6RgZU4mbU
Request Chain 649
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 651
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ed66c99d-5909-48b8-9614-bd57aecce156
Request Chain 657
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1YNY&khaos=L7ZAD86L-U-LLYM HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L7ZAD86L-U-LLYM&us_privacy=1YNY
Request Chain 659
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKT0aVXQHSSNy6JlnJXRwFk&google_cver=1&google_push=AehlK4AgnsiXV2kIAlOL4_9xfRAAUg1-lfWe8QUU63DZs1onW1bB5YC7R9HcvytdHrLEe-rp0Q5VdKqTa73QUk-FXfYOvxJRg0A- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTJjMmY0NjEtZGViNC00NDYxLTg4OTgtMTc3M2FkZThiYjk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a2c2f461-deb4-4461-8898-1773ade8bb97
Request Chain 660
  • https://fksnk.com/cs/google?google_gid=CAESEF2i_bDc9XfN683NsEy2k-Y&google_cver=1&google_push=AehlK4AaZUw4PsIvT8aEdAmKC376s1cT8OeWBNHI5ihismgr_xLYMTlI83mD2yGHg1-U7QTs1KF65gyxdPFIDbWZqiWnu4k7s626 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0YyRENDRUQyMEFBRUVFMA==
Request Chain 661
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEMHPfoamwSqbsvU00Cyj4Mw&google_cver=1&google_push=AehlK4AIG0HCx8DOMw6yY9QgotwC8Gk1_gd2_PjpoCvvFfqGCYn4Z3VUJdmMgP5eT9_fO60_kHi3_Vr4t03UZ99bAAsrJzDfeRBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4AIG0HCx8DOMw6yY9QgotwC8Gk1_gd2_PjpoCvvFfqGCYn4Z3VUJdmMgP5eT9_fO60_kHi3_Vr4t03UZ99bAAsrJzDfeRBS
Request Chain 662
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIlcFQAtUlE6i1wxrPd6Py4&google_cver=1&google_push=AehlK4BrFzO1n6u_QIUw7NowwiUKCYRyf1mLUHysYR6JNr63jXwPWUs59eGJgnc2K7NVWl_SthjQlPYrs-fcGlbYd1xLcw-RFQ2k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BrFzO1n6u_QIUw7NowwiUKCYRyf1mLUHysYR6JNr63jXwPWUs59eGJgnc2K7NVWl_SthjQlPYrs-fcGlbYd1xLcw-RFQ2k&google_hm=ODA1NjE5MDk0MjQxOTMyMDM3Mg%3D%3D
Request Chain 663
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfkxWgIi2PiShDYK4HZUoc&google_cver=1&google_push=AehlK4D9Wg2zMqLSKDM-C83tsxW7L9zPW2qjdAmrTuJQVpJKJSgSvbePgglHf0LAxZehXjDAnkf1PqQIZfr6emALok0-rZ3uexSu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D9Wg2zMqLSKDM-C83tsxW7L9zPW2qjdAmrTuJQVpJKJSgSvbePgglHf0LAxZehXjDAnkf1PqQIZfr6emALok0-rZ3uexSu&google_hm=tQqgghqOwMECzvBm3Kh_WA==
Request Chain 664
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBHEk0vIbIAJ7FxKlBbPjDw&google_cver=1&google_push=AehlK4CjmPC2VtEZxQuy0NtIplo8mAi_egk8INgD6qFa6o5XAE2kiDGJ2pcuNapg5OgQNsUw15FZjh1UIUhEogDrJPHIYnYcCbw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CjmPC2VtEZxQuy0NtIplo8mAi_egk8INgD6qFa6o5XAE2kiDGJ2pcuNapg5OgQNsUw15FZjh1UIUhEogDrJPHIYnYcCbw%26google_hm%3DBapOTiWDi0p7uWiSgDjCbpk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CjmPC2VtEZxQuy0NtIplo8mAi_egk8INgD6qFa6o5XAE2kiDGJ2pcuNapg5OgQNsUw15FZjh1UIUhEogDrJPHIYnYcCbw&google_hm=BapOTiWDi0p7uWiSgDjCbpk
Request Chain 665
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFlkDWz-wJeRkaQ7LutTfFs&google_cver=1&google_push=AehlK4BM9-tAjA_-qcPyRKnQGH9t7pHYWr4uGL5xt7Khkmd-JUFZkoBgbJ_CJpQm4sEarUUjBH9VLM6jxBNQ_XsqB0Rpu4JiY5OwZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM0NTE2NjMwMTg2NTE5MzE3MTJiZA==
Request Chain 667
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG-LC1Yld5IxghjPu7ak0Es&google_cver=1&google_push=AehlK4DUzDVDJaTwGRIISg7znkcR_9xd_Ie4G1bg6MTGELxuWXJHxeS-yylnIFQ9Ca2SE4jDQ2skN7-a1lUB0EIMuj_ETx6_ANjziw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQzNTUwNDM3NjI4MzY0NDg2OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGA0eUtJkfAsXtudHSRu5c&google_cver=1
Request Chain 668
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFgx1OxJmOCWcCsGndmIPN8&google_cver=1&google_push=AehlK4Dy5Bmh2d7QkMHiCd_lw0-BOD4_6g3zaYG3u7D4vrK56P9bdbm_tezd80sZamhwW65gevHWrEk9B0QxU6NuuKkIKGm-q-JrNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4Dy5Bmh2d7QkMHiCd_lw0-BOD4_6g3zaYG3u7D4vrK56P9bdbm_tezd80sZamhwW65gevHWrEk9B0QxU6NuuKkIKGm-q-JrNQ&google_hm=MprAxbEOiWtcl9q5uxr-rg
Request Chain 669
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHHJ_Z0H2B1idwhpkGzzjfw&google_cver=1&google_push=AehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHJ_Z0H2B1idwhpkGzzjfw&google_cver=1&google_push=AehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 671
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJPW8ObAkThUMP7fTdIUZvw&google_cver=1&google_push=AehlK4CTUgFPHxX28fgW4gwPCqHw3yvdj-SCwu8lKYDKgCscogSICWt5zyQnoJbUyOz9w37oxZpNW0Gib_g8rVFKX_z-4sy8Kr7mwA HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJPW8ObAkThUMP7fTdIUZvw&google_cver=1&google_push=AehlK4CTUgFPHxX28fgW4gwPCqHw3yvdj-SCwu8lKYDKgCscogSICWt5zyQnoJbUyOz9w37oxZpNW0Gib_g8rVFKX_z-4sy8Kr7mwA&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=SqVhOs0ERXeNvJ6xctJHwQ
Request Chain 672
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfkxWgIi2PiShDYK4HZUoc&google_cver=1&google_push=AehlK4A7yAkgk4z0-uQi69dn0GwBfm232sz_16xSUXGH6oGZwACjZLjDV9AlZ3kff6eSbX00EP_glGYSg2Jdc19RNdawmSn67UHyPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A7yAkgk4z0-uQi69dn0GwBfm232sz_16xSUXGH6oGZwACjZLjDV9AlZ3kff6eSbX00EP_glGYSg2Jdc19RNdawmSn67UHyPg&google_hm=tQqgghqOwMECzvBm3Kh_WA==
Request Chain 756
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1d49be3a-32e3-11ed-94f2-677f45bc236b
Request Chain 757
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ded8d05cbe0549d4aaea1
Request Chain 758
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 759
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IEik9TknQUVu429l2S6RgZU4mbU
Request Chain 760
  • https://pixel.onaudience.com/?partner=214&mapped=0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4332f1d165c6a3ec4434c642cb2c8bc3&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=a2c2f461-deb4-4461-8898-1773ade8bb97&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=d986af95a5b85d04
Request Chain 761
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0C65799C-ADAA-4108-A890-30B257FC431D&addseg=10,33,39
Request Chain 762
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0C65799C-ADAA-4108-A890-30B257FC431D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C65799C-ADAA-4108-A890-30B257FC431D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 764
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6740448256026770921&gdpr=0&gdpr_consent=
Request Chain 765
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49
Request Chain 766
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
Request Chain 768
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_db10aaf7-f2cb-45a7-8792-228a2ed7fc3e&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 769
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_F61CC78F_5FCF8828&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 776
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:a6VH6ePW1OxR7x5&gdpr=0&gdpr_consent=
Request Chain 777
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=692474668868
Request Chain 778
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=2238415957 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341?zcc=0&sspret=1&rndcb=2238415957 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-aa4e4e25-838b-4a7b-b968-928038c26e99-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Request Chain 779
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f85aa32f-15ad-48ee-967f-eeda0b87f821&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D
Request Chain 781
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 782
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7163050551832802892&uid=Q7163050551832802892&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7163050551832802892
Request Chain 783
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 784
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=VCRczv1jBNucJV6jn6YfYw
Request Chain 787
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=Iuo35QDap
Request Chain 788
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b757b3fd-5c48-4f82-8ee8-ea2d7cbe9229
Request Chain 789
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://um.simpli.fi/epx
Request Chain 790
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0F544501480B4ED1A98BD63E61B44B8D
Request Chain 792
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=1d9ce560-32e3-11ed-90ee-126ccf625bfb&companyId=673&id=pubmatic_id:0C65799C-ADAA-4108-A890-30B257FC431D
Request Chain 794
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66%2C
Request Chain 795
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8514218752795873796
Request Chain 796
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6740448256026770921
Request Chain 797
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:071774bb-d327-4273-a3dd-56debf77e4fe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 804
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&bundle=zCh4B19WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4eGFYeE5hVEFaQlh3JTJCbFYxWnFiZzBkUWg0U3hLNXZOQjRRS3NuY2RReVZ6SHZrREJ0SSUyRiUyRlFlUEVyUlIyUG5PbjQ1ek5pRHZsciUyQk1JbmVoYUJaczBUR3VaVnduOVRUSGFUT3NQOFBJUHZBZ0dEakNsaWNQbUt6aXJ6biUyQnIzaTc4dyUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=fjoKI3w4VnE0RTRNejJtbEQ0R3o1OC9sRi9jdzNSRU1Md2hzbWVsdmlpOU5tSzdQTHhEVHMyM0haSkp3RnY2THFOdGxKemJDdDNtcFFOTFlMOVNkWW05R3hTbG9HMmFQQ3p6U0kreWZabFE3Sit2d1VlYjU4c1FXMmwwVDdXVDRmdkRuaFl3WWxGLy83SmNDamNFVzR5OGhlZm8wdUdzRktjdit1OUpWcjlBQWN1ejZOSEg4QjdrcjNXOG9xL0syVC9zcXltZE1sVVZUamYzRDNReldhdldhaHVYRTE3bTI3a1hpTGJaQTNLM0lONjA0V3VWeG1TTGVaS2lyYUt1bVpxQ245a2JsR3A0ekthRmcvdk9zMERUVTdlVGJOZzBzWXNQcHVjZ0diOC9pa1dYWT18&cppv=2
Request Chain 809
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&bundle=zCh4B19WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4eGFYeE5hVEFaQlh3JTJCbFYxWnFiZzBkUWg0U3hLNXZOQjRRS3NuY2RReVZ6SHZrREJ0SSUyRiUyRlFlUEVyUlIyUG5PbjQ1ek5pRHZsciUyQk1JbmVoYUJaczBUR3VaVnduOVRUSGFUT3NQOFBJUHZBZ0dEakNsaWNQbUt6aXJ6biUyQnIzaTc4dyUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=3L8BCnxsRndPMDdGNGZzL0ZFQjNsZEZBTTlZUTdWUERRNWFmWkozY21ZVDhMWXNjVXNER1V1TkRDSllEaEpRQmJtKythaTI3WFNsK2kvTi8rWDQ4L1Frb1hOVGdlR2JxdjJ2bGhkckl3SG1UOEM4eDVwWnN3RXc5cjlxdGc4NWdRRkdGbWtZVHNodkZvU2xSVVU1eTFSZW1DZnI3ZmVEUFV2ckxiV1h0eUlRbnJhRmZML1V4YlNoNi9lUjBjeERUSmN0QzNnT3hGNmNvWDRhYTVPdGsrYUo2TzRSWk9DZXBmNVVXUjIvZlJaMWhCYkt2ajdsemVsa01zQXVzSDVSRXVqU05qU01xdFE5ZFFzVmQzaU9LanVYOUFDZGd6NjlaNHAyMitXa1FESjJ2bjNtOD18&cppv=2
Request Chain 824
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/0/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=sovrn&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0=&uid=FTkxeLZHR3PtEe5nScqbdRwo HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F181%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Dc334e879-c81b-40a9-83e7-1a00900a3b88%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://prebid.a-mo.net/cchain/1/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=pubmatic&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=0C65799C-ADAA-4108-A890-30B257FC431D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/3/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=6740448256026770921 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/5/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=index_rtb&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%3D&uid=Yx.mm01KsayL.r.TyKhWBAAA%262923 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c334e879-c81b-40a9-83e7-1a00900a3b88&gdpr=&gdpr_consent=&us_privacy=
Request Chain 825
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 826
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Request Chain 827
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
Request Chain 828
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Request Chain 829
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Request Chain 830
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Request Chain 831
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 832
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 836
  • https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=6ace4f04-dc3d-4653-8c3d-6ef7c5dceeaf
Request Chain 837
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=2362538231446745451
Request Chain 1002
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8CAD23E06BC8154D19A73067B271934A19277703.8BA98C17ACA6964AF8316D29F2C261F8EF72B491/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2BBF78F5D7266041D7575C84E977110E50674CA8.6A2842D9BEFD6A42C3E284E82A62E8487FD430E4/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Request Chain 1004
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8CAD23E06BC8154D19A73067B271934A19277703.8BA98C17ACA6964AF8316D29F2C261F8EF72B491/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06602F2DFCF399436B270A36D6CDB0E006D15259.4C5EABF691B51A3D181DE4607DB96DEB8FF6B235/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Request Chain 1005
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4D437wfgIzTlCue_Elf0gZwA39mjZ6Gl8O-kGzPTmXq1lmhgBOI7k66V9d1tEwEcARHyva6EfxtDbtr4urL1zLeehWwXxLQnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4D437wfgIzTlCue_Elf0gZwA39mjZ6Gl8O-kGzPTmXq1lmhgBOI7k66V9d1tEwEcARHyva6EfxtDbtr4urL1zLeehWwXxLQnw
Request Chain 1006
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq72DglcbKKDVIWoR-RGl HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq72DglcbKKDVIWoR-RGl&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq72DglcbKKDVIWoR-RGl&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1007
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4ARPqB0M4qEToDeMoNCKTC3hk4Lo6WetaLIDbURX0xnAo6h6h1jgyAApx7x4XhpwT_NrDFAu1ryi-tSHCW2mnAdLU076Rn81Q%26google_hm%3D%5BUID%5D&google_gid=CAESEHRLv58n8SEn_yloaBBktb8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4ARPqB0M4qEToDeMoNCKTC3hk4Lo6WetaLIDbURX0xnAo6h6h1jgyAApx7x4XhpwT_NrDFAu1ryi-tSHCW2mnAdLU076Rn81Q&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 1008
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4BAaGG0l-K-iqmVqDa5V6-CuxwpCeVCfCGVoEzpj0lS1tWTApceOIEcb-DigfRR_XBl7aoEfUipiu26kjGIbITkyeai5xqd6A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BAaGG0l-K-iqmVqDa5V6-CuxwpCeVCfCGVoEzpj0lS1tWTApceOIEcb-DigfRR_XBl7aoEfUipiu26kjGIbITkyeai5xqd6A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 1009
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4DUAc6p0xFnporanHstoftL9SVZaBT8T9EJKtkVL9XGQO-N4g7k3odlhboZBxwXU4FQq16zG1b3Q3eq0xCLHv9CwYo_KswbXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DUAc6p0xFnporanHstoftL9SVZaBT8T9EJKtkVL9XGQO-N4g7k3odlhboZBxwXU4FQq16zG1b3Q3eq0xCLHv9CwYo_KswbXg&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1010
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIiS_Lim73JJvDJH0upw8KU&google_cver=1&google_push=AehlK4B__8aVodQnRlmdtdARIlrEZm_-4VSNMbd4emeNxgakHwN-5LqHo7le2wy_X84fr9i1U-Lq9AQ_CQsgCJE4lXUtzfoelOcww4I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B__8aVodQnRlmdtdARIlrEZm_-4VSNMbd4emeNxgakHwN-5LqHo7le2wy_X84fr9i1U-Lq9AQ_CQsgCJE4lXUtzfoelOcww4I
Request Chain 1011
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4Daox083TVyECVRntjfWr09n8Q_xSBbE8VcAUrOjcN_68OZTVsh38gNtaYUSxEjzf8EHSy5PZ1oMKQRIoHTMkjRlYkBZHI3yM0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Daox083TVyECVRntjfWr09n8Q_xSBbE8VcAUrOjcN_68OZTVsh38gNtaYUSxEjzf8EHSy5PZ1oMKQRIoHTMkjRlYkBZHI3yM0
Request Chain 1021
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8CAD23E06BC8154D19A73067B271934A19277703.8BA98C17ACA6964AF8316D29F2C261F8EF72B491/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51539FA3EE14AC31E742E1D5083A91C464C78278.25EA88271658D261AFBCD79D9E6A94EABA8444ED/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Request Chain 1022
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4Db0ArR2VU6_6QvzBl-1ef0Cm9bLeqqGduSfdvyyQj6n-sx4QZgu0ICZWlg79eBV5F0JSK89zlqAVr0SCJexbJ1vbSZeV8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4Db0ArR2VU6_6QvzBl-1ef0Cm9bLeqqGduSfdvyyQj6n-sx4QZgu0ICZWlg79eBV5F0JSK89zlqAVr0SCJexbJ1vbSZeV8
Request Chain 1023
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4DLX6dSLl4IaVMlno_3LLhbuY4jhNsTcgmF76yaEFsswtjvNv8VsDmheGIEf9kGklGMh_I4rBpnCE-CDyPGw65CoaYk-p0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4DLX6dSLl4IaVMlno_3LLhbuY4jhNsTcgmF76yaEFsswtjvNv8VsDmheGIEf9kGklGMh_I4rBpnCE-CDyPGw65CoaYk-p0
Request Chain 1024
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5RW2sQJqQx5RAqRtrg HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5RW2sQJqQx5RAqRtrg&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5RW2sQJqQx5RAqRtrg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1025
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdAO4HKvxjCZkidvFI7_8M&google_cver=1&google_push=AehlK4CHLzp3FnGFtd8EykU2tMwEEdovPappOcv37yZAdhtfV_Lg5hrxf0mWjp6565MnGo7L0CVqgHnpWinX2Wcq1wo6t5OaNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CHLzp3FnGFtd8EykU2tMwEEdovPappOcv37yZAdhtfV_Lg5hrxf0mWjp6565MnGo7L0CVqgHnpWinX2Wcq1wo6t5OaNQ
Request Chain 1026
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4DunoglvaaI56pjN8xB96FHvzXgrNyIAdulQEBpPEOMxukECXOdN-eQcRXCqnixBcwJp_4VjWJuYQNOqEccrPOA3WsRem4%26google_hm%3D%5BUID%5D&google_gid=CAESEHRLv58n8SEn_yloaBBktb8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4DunoglvaaI56pjN8xB96FHvzXgrNyIAdulQEBpPEOMxukECXOdN-eQcRXCqnixBcwJp_4VjWJuYQNOqEccrPOA3WsRem4&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 1027
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4AkggyEE8sRes0jEybEiYmyjAHJ8Ym__Sxv5Eu49P-sVqC8pi3WKv-1l7Cg6jh6Wm4XJuEsNt7DhT5Axv40b_BUws_iTOU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AkggyEE8sRes0jEybEiYmyjAHJ8Ym__Sxv5Eu49P-sVqC8pi3WKv-1l7Cg6jh6Wm4XJuEsNt7DhT5Axv40b_BUws_iTOU&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1028
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIiS_Lim73JJvDJH0upw8KU&google_cver=1&google_push=AehlK4C168lilY9g0nuv8ZRfHy4j6l9iYtxrANrTWrWxrJCXX_tSSqRh5NtyX7pkotwcp97rgD0aQQDyYnLTzzkiqbYLsauzVGm0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4C168lilY9g0nuv8ZRfHy4j6l9iYtxrANrTWrWxrJCXX_tSSqRh5NtyX7pkotwcp97rgD0aQQDyYnLTzzkiqbYLsauzVGm0
Request Chain 1038
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEK8_UKJNH9JXTeejqk7cy5g&google_cver=1
Request Chain 1039
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBvHYDForwSgEMbh7o9SbGo&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBvHYDForwSgEMbh7o9SbGo&google_cver=1&__user_check__=1&sync_id=208e1106-32e3-11ed-a6c1-164d817e0103
Request Chain 1040
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=208e030e-32e3-11ed-b55b-1ecf2a460103 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjA4ZTAyY2EtMzJlMy0xMWVkLWI1NWItMWVjZjJhNDYwMTAz
Request Chain 1041
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4CzOED_qr-zcTo_-RoVGn_BekH0q0urbftVtIJgYO9OIOiN83zZi2dXWyRkpd7mPoomdtArSnX29KIfqil5M0qLU5Ijhio HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4CzOED_qr-zcTo_-RoVGn_BekH0q0urbftVtIJgYO9OIOiN83zZi2dXWyRkpd7mPoomdtArSnX29KIfqil5M0qLU5Ijhio
Request Chain 1042
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4Au77S0JkVSiDBISAU-1UwVfosNVxqR9zx_g-NN9JqZUesN8e5nSKyaPW3lPApA4y8oQ3tTnvIcQVvQbXQ-SRRpzMPw09Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4Au77S0JkVSiDBISAU-1UwVfosNVxqR9zx_g-NN9JqZUesN8e5nSKyaPW3lPApA4y8oQ3tTnvIcQVvQbXQ-SRRpzMPw09Y
Request Chain 1043
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZzY_ZL0a6QQY1dYcmI HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZzY_ZL0a6QQY1dYcmI&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZzY_ZL0a6QQY1dYcmI&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1044
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdAO4HKvxjCZkidvFI7_8M&google_cver=1&google_push=AehlK4Doc0QI4C0nB58F4cR4b0QJ9RulJEUaLf83Q1rR2gwiLwqKlbaVG8HWz5idTpuD8OB3ZSCggy5nUJ5j_cIZ1Z0pUsBnKYI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Doc0QI4C0nB58F4cR4b0QJ9RulJEUaLf83Q1rR2gwiLwqKlbaVG8HWz5idTpuD8OB3ZSCggy5nUJ5j_cIZ1Z0pUsBnKYI
Request Chain 1045
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4BDpjNXtGvtl-sCWigAmiHrcVFne_3Nz6I1Dq3DrpfB-PfAuTZLuHH_v4crDFcvXpjsxRS75sma9nBWDPlv3byx82y02A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BDpjNXtGvtl-sCWigAmiHrcVFne_3Nz6I1Dq3DrpfB-PfAuTZLuHH_v4crDFcvXpjsxRS75sma9nBWDPlv3byx82y02A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 1046
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4B4S5Dsi47moyHUVoPKtFSFMlXkQ3Jd40cQlNZjXL35UTnVBTHsJgWQ-SrSr7krbjNUgvjDhf79NUBPGgu5-EK3u60_hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4B4S5Dsi47moyHUVoPKtFSFMlXkQ3Jd40cQlNZjXL35UTnVBTHsJgWQ-SrSr7krbjNUgvjDhf79NUBPGgu5-EK3u60_hg&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1047
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4Cz-uNHZxp6Pyse2sEzG3Gi9ciYKqzXfH5ILhtEZF-k6prljwGRR6IfEgpwXFvnJflWuf1BwzirdVeu2zk4ZDH2_clpOUE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Cz-uNHZxp6Pyse2sEzG3Gi9ciYKqzXfH5ILhtEZF-k6prljwGRR6IfEgpwXFvnJflWuf1BwzirdVeu2zk4ZDH2_clpOUE
Request Chain 1072
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8CAD23E06BC8154D19A73067B271934A19277703.8BA98C17ACA6964AF8316D29F2C261F8EF72B491/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/398E424304BEC627AA74A090A5DE9AA3489EAEC7.3B9C68996A10875090651A936BF0203C27884AB2/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Request Chain 1075
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8CAD23E06BC8154D19A73067B271934A19277703.8BA98C17ACA6964AF8316D29F2C261F8EF72B491/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EB13BEC52EDDA67CE11FDEC771BA4F6E81099FC.590F643730EC2A8029876F13CA21F8CE25C9D8EE/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Request Chain 1077
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4BtOqMYwUkA-ozC5geqbnkin9UVbAHLUGWKwLIemg3olE8R_i8hnPpr_WVRVwPzWNKFB3XhST2KcUxB0ullwuY-2Wry_gvO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4BtOqMYwUkA-ozC5geqbnkin9UVbAHLUGWKwLIemg3olE8R_i8hnPpr_WVRVwPzWNKFB3XhST2KcUxB0ullwuY-2Wry_gvO
Request Chain 1078
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3wohnmRC10g0NEfC1wg HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3wohnmRC10g0NEfC1wg&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3wohnmRC10g0NEfC1wg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1079
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdAO4HKvxjCZkidvFI7_8M&google_cver=1&google_push=AehlK4Cbh3p1_cEEmsDaYHRCeEheGEpdIDnys9r_t16s1_hzscxq0JPTY_sBuavs1GzCfJnityfMAAs1e7Kth0zr-o0f3nBJDd30 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Cbh3p1_cEEmsDaYHRCeEheGEpdIDnys9r_t16s1_hzscxq0JPTY_sBuavs1GzCfJnityfMAAs1e7Kth0zr-o0f3nBJDd30
Request Chain 1080
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4BD9HrpvEOTzEV7Y2GR1jWQs-BEIlHW_kQqnd_xzR4PmFa1OcxrdaC5IlwC9bxlpsfmg7sJYwuRb4lnEiuWjn61fjFNFR-1%26google_hm%3D%5BUID%5D&google_gid=CAESEHRLv58n8SEn_yloaBBktb8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4BD9HrpvEOTzEV7Y2GR1jWQs-BEIlHW_kQqnd_xzR4PmFa1OcxrdaC5IlwC9bxlpsfmg7sJYwuRb4lnEiuWjn61fjFNFR-1&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 1081
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4Bg8lB8_AdmJTfXyPENOS4pMhhZIBp68mBCeVbnWPRU_dm7VOqen30MGXCZgP_A0LYt8EP7Oz7P1hpKAdtRNkB2dSbV9HYW HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Bg8lB8_AdmJTfXyPENOS4pMhhZIBp68mBCeVbnWPRU_dm7VOqen30MGXCZgP_A0LYt8EP7Oz7P1hpKAdtRNkB2dSbV9HYW&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 1082
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4DH2FTJAz3uJJG7qHuB4No2woTOBd8iQrxeaDVTcCcH5BaWdoOClflMy4ddtZcAhaw_OMSFZ8rzMi89kSrJ16hMSdoOLF42 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DH2FTJAz3uJJG7qHuB4No2woTOBd8iQrxeaDVTcCcH5BaWdoOClflMy4ddtZcAhaw_OMSFZ8rzMi89kSrJ16hMSdoOLF42&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1083
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4BBcys5WlTSLKKp-tHa8eUYgkB2knoS33R23UB4yFgaGl1JNr2I4rAi2lpvTtwQHMM_CJaTn8YfDDexZOPxAN-dUdV0hS_ZKw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4BBcys5WlTSLKKp-tHa8eUYgkB2knoS33R23UB4yFgaGl1JNr2I4rAi2lpvTtwQHMM_CJaTn8YfDDexZOPxAN-dUdV0hS_ZKw
Request Chain 1089
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4DBbbz8_assgs6QxeunFVVLm8atcyzXv8YHrqqbHeigbCjRTNhD1Gl0Byf2aL0e1uXhE2HZCw7OLuohUnuD2BsSYDph4ncR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4DBbbz8_assgs6QxeunFVVLm8atcyzXv8YHrqqbHeigbCjRTNhD1Gl0Byf2aL0e1uXhE2HZCw7OLuohUnuD2BsSYDph4ncR
Request Chain 1090
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPestcAKQHLdzzs5SYeoM HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPestcAKQHLdzzs5SYeoM&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPestcAKQHLdzzs5SYeoM&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1091
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdAO4HKvxjCZkidvFI7_8M&google_cver=1&google_push=AehlK4B3PyKyatW9evVBmhtksbPZCNrP3CvwauwV71wAmwBAvkrjRl3QK2BRR0Egcd8-jcfTQ4_Z_iVW1QIeNPwkjmoZ1kOEbGU- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4B3PyKyatW9evVBmhtksbPZCNrP3CvwauwV71wAmwBAvkrjRl3QK2BRR0Egcd8-jcfTQ4_Z_iVW1QIeNPwkjmoZ1kOEbGU-
Request Chain 1092
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4CaV0-SaoyS34kiC0iJ3wLWVXrIZFNL0OGPpgYRbaSI-qc6KJzqzj8AYI1WkJkJA8SZbcBKBpACulN_-AP7BPoeQ_NdHQml%26google_hm%3D%5BUID%5D&google_gid=CAESEHRLv58n8SEn_yloaBBktb8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4CaV0-SaoyS34kiC0iJ3wLWVXrIZFNL0OGPpgYRbaSI-qc6KJzqzj8AYI1WkJkJA8SZbcBKBpACulN_-AP7BPoeQ_NdHQml&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 1093
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4B-KTYX_TYAUoL0gs70xeewyNeMsqSDvlKZsGp2tjRfNS1Jad3MQRzvVGIH6PE6ZRssBolp9fa81UxQKj8qp6vnriGNerMw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4B-KTYX_TYAUoL0gs70xeewyNeMsqSDvlKZsGp2tjRfNS1Jad3MQRzvVGIH6PE6ZRssBolp9fa81UxQKj8qp6vnriGNerMw&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 1094
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4C28_YE5AJiCDzvEV_mowO-wmeGDP_yALh3vdgK0EdBtlCfjx6hyULaohyxRMUxnCD75zERJ0chbYdVF20i85jfLZpMMKNI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4C28_YE5AJiCDzvEV_mowO-wmeGDP_yALh3vdgK0EdBtlCfjx6hyULaohyxRMUxnCD75zERJ0chbYdVF20i85jfLZpMMKNI&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1095
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4AKxS7k-0An0zT-Nx8wcUEdn4V-cVTO9U-1GvdM9Z0bSkIkTmpERgi6HQu1c8Xe57CZS3ZxiR7WxXGT9offYsP0dwFP9fZfJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AKxS7k-0An0zT-Nx8wcUEdn4V-cVTO9U-1GvdM9Z0bSkIkTmpERgi6HQu1c8Xe57CZS3ZxiR7WxXGT9offYsP0dwFP9fZfJg
Request Chain 1100
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8CAD23E06BC8154D19A73067B271934A19277703.8BA98C17ACA6964AF8316D29F2C261F8EF72B491/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/69761A3DA7135ED46F4AD1B60D2F28ECE748816C.35F918E7116526665AEF1A4F4E398097677CDF93/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Request Chain 1106
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4B6o-ob-YHk6uLb-SLFNxp_YU1vwq2-os6LoCJmVQ-KzH3Q-JujalmA-1_6oaSV7h1shLC9kH3h-jVY7RomPrCRT980Nd0OFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4B6o-ob-YHk6uLb-SLFNxp_YU1vwq2-os6LoCJmVQ-KzH3Q-JujalmA-1_6oaSV7h1shLC9kH3h-jVY7RomPrCRT980Nd0OFQ
Request Chain 1107
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4AUDvWP1Vm2E-kQEC88Iw-T5Y5IeHpXPHisTJYVIw3TRtpWqhxQ1fKsZfSZG9yjGMct97zY16gyiJ-tx4fSz1jZryg60pa9QA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4AUDvWP1Vm2E-kQEC88Iw-T5Y5IeHpXPHisTJYVIw3TRtpWqhxQ1fKsZfSZG9yjGMct97zY16gyiJ-tx4fSz1jZryg60pa9QA
Request Chain 1108
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocKEM90X6oxuzmOmWuvky8g HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocKEM90X6oxuzmOmWuvky8g&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocKEM90X6oxuzmOmWuvky8g&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1109
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4D6cqldnwM2UXdKT-aWmPre20c2fmgaAaFkSKeMC5C0RsIsN9_AjoZi14uqpqBY2JUWqMy8Fbvxb4oaiKCR5yWNjN0ymNdE5w HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D6cqldnwM2UXdKT-aWmPre20c2fmgaAaFkSKeMC5C0RsIsN9_AjoZi14uqpqBY2JUWqMy8Fbvxb4oaiKCR5yWNjN0ymNdE5w&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Request Chain 1110
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4ADtvVjn8AozKfXeFtsm_BoJVO-OyL9-1tp1YJXbE1YgMUXzO3QqI_v96y4a4BVN6LOnFuqNmbpQPuV1yvVP92HjkVAqzjkNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4ADtvVjn8AozKfXeFtsm_BoJVO-OyL9-1tp1YJXbE1YgMUXzO3QqI_v96y4a4BVN6LOnFuqNmbpQPuV1yvVP92HjkVAqzjkNw&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1111
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIiS_Lim73JJvDJH0upw8KU&google_cver=1&google_push=AehlK4B2nB4QETNL1FHyndXly1lDVXlvVLJZiXfmFKz3k--HtxbZgb9NhZsT2mGxq4yj7eEraMt6uwjvCDfdNR_1NlmbjsFFgR5GXA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B2nB4QETNL1FHyndXly1lDVXlvVLJZiXfmFKz3k--HtxbZgb9NhZsT2mGxq4yj7eEraMt6uwjvCDfdNR_1NlmbjsFFgR5GXA
Request Chain 1112
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4AChQmPX36cMYrVGLIDYs5t5RllKPzimI6pIyM1nhGwzRL7qd0gksFB04H4u0S_yNJ9hvcpAIkPbBZW3g5RirodWsIMBrm0ABs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AChQmPX36cMYrVGLIDYs5t5RllKPzimI6pIyM1nhGwzRL7qd0gksFB04H4u0S_yNJ9hvcpAIkPbBZW3g5RirodWsIMBrm0ABs
Request Chain 1148
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4AULn9VEh640-h8sl5vUyojqDdDMAccwAgzrC6mLEDdUFA-nbfedEnHdJFExKrvDv5n8SZyr3lpnEm2JCVHDrCSGsBiIq6Vcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4AULn9VEh640-h8sl5vUyojqDdDMAccwAgzrC6mLEDdUFA-nbfedEnHdJFExKrvDv5n8SZyr3lpnEm2JCVHDrCSGsBiIq6Vcg
Request Chain 1149
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4CBcAC2kvi17-i2e-UnFRNcMWuqOfP527y_95O-5e4o6653Iru_lvXaz4M_KWqdaQu1P65vm-qZT8RhO2y-kSSHrEOlSubRNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4CBcAC2kvi17-i2e-UnFRNcMWuqOfP527y_95O-5e4o6653Iru_lvXaz4M_KWqdaQu1P65vm-qZT8RhO2y-kSSHrEOlSubRNA
Request Chain 1150
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFmpZPATz286LlXGUr8lwWg HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFmpZPATz286LlXGUr8lwWg&prevuid=06030002_631fa69b36e25&knw=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFmpZPATz286LlXGUr8lwWg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Request Chain 1151
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEdAO4HKvxjCZkidvFI7_8M&google_cver=1&google_push=AehlK4CvPtMDNzcxoIo_fyeHkw17nYHhzZG3iD_vz4Jl3ovp_fu02zUsMYk3aoCjn5nArczUJHyqJMqM__ET-GgqVRDGs0fyIWZWTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CvPtMDNzcxoIo_fyeHkw17nYHhzZG3iD_vz4Jl3ovp_fu02zUsMYk3aoCjn5nArczUJHyqJMqM__ET-GgqVRDGs0fyIWZWTA
Request Chain 1152
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4Afzbu0sUDGlX_RyXdyZvx0WhOZKO9DjPyWEfSRkVk2jOLPeBoEisYlJPZG2F4jePl1ffJz-_ob56k7i2jQE4equu2TinWO%26google_hm%3D%5BUID%5D&google_gid=CAESEHRLv58n8SEn_yloaBBktb8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4Afzbu0sUDGlX_RyXdyZvx0WhOZKO9DjPyWEfSRkVk2jOLPeBoEisYlJPZG2F4jePl1ffJz-_ob56k7i2jQE4equu2TinWO&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Request Chain 1153
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4CdS-y4kJciG6-KMGBM36McujVrQrd3SFMMfCcMc9CpoDVsQ0skgd55_HFN5fxRV-tgK_X7U-7JER7cPmyld1dumNLsAj7WBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CdS-y4kJciG6-KMGBM36McujVrQrd3SFMMfCcMc9CpoDVsQ0skgd55_HFN5fxRV-tgK_X7U-7JER7cPmyld1dumNLsAj7WBQ&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Request Chain 1154
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4Da6TXOER4cgXvOV7bGVqEYYfBkibwp6zPp4jH3JXqqZoeE57KTGbYEtJPJjnb6t1_Rn78SJ9jhGtB13CZT8iptHUYO9Xnzsw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Da6TXOER4cgXvOV7bGVqEYYfBkibwp6zPp4jH3JXqqZoeE57KTGbYEtJPJjnb6t1_Rn78SJ9jhGtB13CZT8iptHUYO9Xnzsw

1171 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.krem.com/
Redirect Chain
  • http://www.krem.com/
  • https://www.krem.com/
668 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
bda56707bf20744124e4bf13fc1893819d08c2c47f9087b7e599fe45f2fa78bb
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=295
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:29 GMT
expires
Mon, 12 Sep 2022 21:42:24 GMT
link
</assets/fonts/proximanova-extrabold-webfont.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", </assets/fonts/proximanova-regular-webfont.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", </assets/fonts/proximanova-bold-webfont.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", </assets/fonts/proximanova-semibold-webfont.woff2>; rel=preload; as=font; crossorigin; type="font/woff2", </assets/shared-images/logos/wbir.png>; rel=preload; as=image, </assets/shared-images/backgrounds/diag-5x5-blue-2x.png>; rel=preload; as=image
pragma
no-cache
strict-transport-security
max-age=7776000; includeSubDomains; preload
vary
Accept-Encoding
x-akamai-transformed
9 95095 0 pmb=mTOE,4
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Sep 2022 21:37:28 GMT
Expires
Mon, 12 Sep 2022 21:37:28 GMT
Location
https://www.krem.com/
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
proximanova-extrabold-webfont.woff2
www.krem.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/assets/fonts/proximanova-extrabold-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
8f4ad4651d303f2ba96e415554e247770276cbf7a9165d3ae1d3fd8fcaed5f41
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c55514"
content-type
font/woff2
cache-control
max-age=32894
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
14612
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 06:45:43 GMT
proximanova-regular-webfont.woff2
www.krem.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/assets/fonts/proximanova-regular-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
bc902768c2ec3a51106337c1b7b7ee9d0994a21f795b879db7cd24029edd33c7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c555c8"
content-type
font/woff2
cache-control
max-age=202839
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
14792
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 05:58:08 GMT
proximanova-bold-webfont.woff2
www.krem.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/assets/fonts/proximanova-bold-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
6b1a95aed3687521fcbf654063d65a3facbe97c96c888c9016bbe8d1c719637f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c55594"
content-type
font/woff2
cache-control
max-age=137788
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
14740
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 11:53:57 GMT
proximanova-semibold-webfont.woff2
www.krem.com/assets/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/assets/fonts/proximanova-semibold-webfont.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
ecf31d03b0335b2099411a2b2ffe02cb9272db8ee1878e7f693b9f07caf12af1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c554a0"
content-type
font/woff2
cache-control
max-age=70279
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
14496
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 17:08:48 GMT
wbir.png
www.krem.com/assets/shared-images/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/logos/wbir.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
efee60553488e3661711cdf3ca62be875fdc1b05ff755b440a841d49c96344f3
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c57686"
content-type
image/png
cache-control
max-age=161132
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
6790
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 18:23:01 GMT
diag-5x5-blue-2x.png
www.krem.com/assets/shared-images/backgrounds/ 		486 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/backgrounds/diag-5x5-blue-2x.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
e7e638e2b784c385f72ad60a8832fbb550b716769988d9abf570968e268e87f4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c56de6"
content-type
image/png
cache-control
max-age=95282
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
486
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 00:05:31 GMT
modules.min_6.7.1.css
www.krem.com/ 		208 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/modules.min_6.7.1.css
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
130df041e3d67a527400e41e269b62264c8fed52386af02522381857a6d3045a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:32 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd5629a27"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=98546
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
46900
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 00:59:55 GMT
common.min_6.7.1.js
www.krem.com/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/common.min_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1eb4932342710af98fd136bc59f1a5ddbabf83019ffabf74775c83a531a8a53c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:18 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfcd09d424"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=238428
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
16639
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 15:51:17 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
9357
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Mon, 12 Sep 2022 02:42:29 GMT
server
cloudflare
etag
0x8DA94686F47117A
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8c87fa76-f01e-0103-7155-c69db4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
749bc8dca8237133-YUL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
9348
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fdfee482-401e-011a-4343-28b1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
749bc8dca8257133-YUL
api.js
www.google.com/recaptcha/ 		912 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f70f9ebd1fc1685dd00ccc12f66efec3127c54444a2689fa83ef5b677e13390d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:37:29 GMT
1a6f8d7b
www.krem.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/akam/13/1a6f8d7b
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8a7cf649a68c6a92ed7d7be99160e275afde928691d4fe68db2440f8a0924f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Feb 2022 15:08:42 GMT
etag
"c954d12d31e7cb0bfe0bdd4c928e670b690afd16d0d7b98a6c5ed2ece412bb45"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
vary
Accept-Encoding
content-length
8745
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:37:29 GMT
close-menu.svg
www.krem.com/assets/shared-images/icons/ 		287 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/icons/close-menu.svg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
010e128b57dec050c1a5a238e8d18f42ba3b66f4fc52cc83cdd392c230263544
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c56d1f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=194819
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
208
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 03:44:28 GMT
krem.png
www.krem.com/assets/shared-images/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/logos/krem.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
6d60990bac72725f8ab3930f0ea573fc789f6006cea08e9c5ade5b6eeb134cf0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c578a1"
content-type
image/png
cache-control
max-age=54281
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
5281
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 12:42:10 GMT
13e95593-b560-4127-a6a2-6adf0820c95f_16x9.jpg
media.krem.com/assets/KREM/images/13e95593-b560-4127-a6a2-6adf0820c95f/ 		752 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/13e95593-b560-4127-a6a2-6adf0820c95f/13e95593-b560-4127-a6a2-6adf0820c95f_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
64aa3d7cf6937c0b7c0ea85a12036be72c3c4cfea0389bf97111548f98e841b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Wed, 18 Aug 2021 18:30:56 GMT
x-amz-request-id
EHM872MS1VWS5WJJ
etag
"80e44ab8e13511e16aa8ce20a11b715b"
x-amz-id-2
EywvCcJDdiSfyDtzxuSxVdeSyAW/gJS8AoGa0ocU52IpJaOV+eFTqGx0c3oN3kdRoFyNCCz1fmM=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1045140
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
752
x-xss-protection
1; mode=block
expires
Sat, 24 Sep 2022 23:56:29 GMT
blank.png
www.krem.com/assets/shared-images/backgrounds/ 		95 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/backgrounds/blank.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c56c5f"
content-type
image/png
cache-control
max-age=198949
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
95
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 04:53:18 GMT
d49a5d1f-470e-4693-af18-64ac5508c3a7_16x9.jpg
media.krem.com/assets/KREM/images/d49a5d1f-470e-4693-af18-64ac5508c3a7/ 		749 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/d49a5d1f-470e-4693-af18-64ac5508c3a7/d49a5d1f-470e-4693-af18-64ac5508c3a7_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67196a99b374ae5918c6196a7fcda458a81570989c2c47161b76644e86b0f28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
JE3ALwHUS.zUckfEuG7WQVOcxUjkrlnj
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 23:21:41 GMT
x-amz-request-id
N7HE7PRBDESRHNXJ
etag
"226354efdb86bc95ed55e8bed0613c79"
x-amz-id-2
HtIFB5shTyGpxDIYKhyIq9nXp2/jsfh8e6qQC6vDZiRy2K8ohmsRAaCzeFGkdzTlrTmqdTEWADs=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1216030
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
749
x-xss-protection
1; mode=block
expires
Mon, 26 Sep 2022 23:24:39 GMT
d4f9f9ae-a63a-4116-8943-8eff5f79b6c1_16x9.jpg
media.krem.com/assets/KREM/images/d4f9f9ae-a63a-4116-8943-8eff5f79b6c1/ 		745 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/d4f9f9ae-a63a-4116-8943-8eff5f79b6c1/d4f9f9ae-a63a-4116-8943-8eff5f79b6c1_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
993eb25a78e2d68a356e67b87890abecb56ff7d04c8fa84683b9b81ce7949900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
XGNYOTJ4_Hf_caUDB_MzHxZIm6lIKV37
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 15:11:05 GMT
x-amz-request-id
69SMDQ71YV4GKZ62
etag
"3d88188a54a36105406ba4d167bb7d0a"
x-amz-id-2
6jKYAOzmeOyUIXfRPUwZLaFfUv0zSnr1Yi8NEwxt877y9do24aMmG5BNkwyADtGmaXmS1H0TwYg=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1282439
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
745
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 17:51:28 GMT
cc6c3c2e-ca48-4ff4-94a0-fb421aebd135_16x9.png
media.krem.com/assets/KREM/images/cc6c3c2e-ca48-4ff4-94a0-fb421aebd135/ 		458 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/cc6c3c2e-ca48-4ff4-94a0-fb421aebd135/cc6c3c2e-ca48-4ff4-94a0-fb421aebd135_16x9.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ae425e275ac1aff1eea26ba5a42598c56a87aa2738d48486ee4319dcb636a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 17:30:33 GMT
x-amz-request-id
NYW8HJ24T6KBN219
etag
"0c04703defc59ef848377047c55daa92"
x-amz-id-2
ftVGR2MIGz1GJULUOsnXB4DXMy9JcWriD/s13022X6xlXYVN44qKOZ5uKTum8NGnzFOmqzyJUAA=
content-type
image/png
access-control-allow-origin
nope
cache-control
max-age=1291798
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
458
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 20:27:27 GMT
wx-69_8x8.png
www.krem.com/assets/shared-images/weather-icons/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/weather-icons/wx-69_8x8.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
e38f7698b273506394fedb2afc26753ac8101d54cdf0bb60cd7fab597df2564c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c556df"
content-type
image/png
cache-control
max-age=48435
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
15071
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 11:04:44 GMT
arrow.png
www.krem.com/images/header/ 		403 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/images/header/arrow.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
16235d26a4505b22b5b62c524f5de5daf63ab483046da51209f5eae79dbe6317
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:50:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfdc88b393"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=88018
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
403
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 22:04:27 GMT
ad51d4b1-0738-4858-964e-417647922307_16x9.jpg
media.krem.com/assets/KREM/images/ad51d4b1-0738-4858-964e-417647922307/ 		740 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/ad51d4b1-0738-4858-964e-417647922307/ad51d4b1-0738-4858-964e-417647922307_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c90efb5cfff5e985fccad4309b7ccf7207c217773975ccf9d6f9983dcb6a992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
sYhVl2sbL6h.C4_I2cG_etjqC5Du.Laz
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 18:12:58 GMT
x-amz-request-id
62S7F5TYP7GA51AV
etag
"ba6a45055fdb38fdddcc80d8961ccfdc"
x-amz-id-2
ylidab31oqKg9dzd+l6+oUSZzhA77yAfGewjl4/zU6JD3+R3am6RXIsr4c1xWuJDzUPV16Gu//M=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1283794
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
740
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 18:14:03 GMT
fc31c8ce-e774-4531-9d57-a66202b6d345_16x9.jpg
media.krem.com/assets/KREM/images/fc31c8ce-e774-4531-9d57-a66202b6d345/ 		722 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/fc31c8ce-e774-4531-9d57-a66202b6d345/fc31c8ce-e774-4531-9d57-a66202b6d345_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
936ad958ff03965aa08336a732d43390793b61b62c93677a374eaf09729e3dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
CVhpQFmR19ioFfcqQygZ2Zl_Me1Pd9CX
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 13:58:19 GMT
x-amz-request-id
GBX7XB3RCEQ0DFGB
etag
"541b81a8eff08730ddb9b427c36a89eb"
x-amz-id-2
xg/ClbNVa4SfK9lchmKz5UjpqCyLAMppK68yXZ/IACrFOnnsxLyW7/LqZS5jRXqeUjSsQfvrOBw=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1268642
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
722
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 14:01:31 GMT
e9162916-d652-491c-a69e-3abce03b1cb8_16x9.jpg
media.krem.com/assets/KREM/images/e9162916-d652-491c-a69e-3abce03b1cb8/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/e9162916-d652-491c-a69e-3abce03b1cb8/e9162916-d652-491c-a69e-3abce03b1cb8_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3fe8deb171562b11143d389c936de259b6231ed7c3f85b858da26922d56ef112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
FS4Tf73dUlUp3ItzUtMijsjgr0JrdYlw
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 15:10:10 GMT
x-amz-request-id
Y6DRS802K96XXAPA
etag
"c17cb6c3bd3b6cb174395c26a8ed23ec"
x-amz-id-2
OELR/em+YfwgvZCUEBQRtBqoABXv0ZSSgpyXg9WhBqHu7nhhBHeooMskxEOumovNPRIDY7i51f4=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1281337
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
731
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 17:33:06 GMT
player.esi
amp.akamaized.net/hosted/1.1/ 		277 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b4b33c0e7bcf1828b81107c8380dcb273e2aad02f134963189708d5a5321eb88

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Content-Encoding
gzip
PROTO
https
Server
AkamaiNetStorage
ETag
"22c8e983ad99cc0570d21c8e586cb8e9:1597899815"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
bdf05041-f853-4b85-9e20-14bf7c2d88bc.json
cdn.cookielaw.org/consent/bdf05041-f853-4b85-9e20-14bf7c2d88bc/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/bdf05041-f853-4b85-9e20-14bf7c2d88bc/bdf05041-f853-4b85-9e20-14bf7c2d88bc.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf9a52323e16d44bf059fce129eed2d5c9adeae5ed1ddbf406dffa419a80393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JVDJTHXJj6Vy0l8nJt7bMA==
age
2871
vary
Accept-Encoding
content-length
1266
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jan 2022 20:16:02 GMT
server
cloudflare
etag
0x8D9DB888402A341
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
552d86e8-e01e-013e-7232-5a2892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
749bc8dcfcbcca4f-YUL
expires
Tue, 13 Sep 2022 01:37:29 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		190 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
749bc8dd1e09ca5f-YUL
date
Mon, 12 Sep 2022 21:37:29 GMT
vary
Accept-Encoding
content-type
text/javascript
search.png
www.krem.com/images/header/ 		744 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/images/header/search.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
dd620ff1363947eaa898325ec249aad550adf5e7937d2ed37dcad5e6b4751636
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:50:46 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfddb9dde8"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=248261
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
744
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 18:35:10 GMT
alert.png
www.krem.com/images/header/ 		345 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/images/header/alert.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
47c419a977696a7de547c455e8255a7fd55dbe76cd8aca12a212b1951ab18eca
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:50:42 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfdb578459"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=234977
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
345
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 14:53:46 GMT
wx-69_32x32.png
www.krem.com/assets/shared-images/weather-icons/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/weather-icons/wx-69_32x32.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
02661fb474ed627f5e5f86213da07ebc15c57c9441846f9218bf9b865fd7f050
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c55282"
content-type
image/png
cache-control
max-age=162049
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
16002
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 18:38:18 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.27.0/ 		321 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8eaHtBigP1U3b42ruIgxsQ==
age
9175
vary
Accept-Encoding
content-length
78056
x-ms-lease-status
unlocked
last-modified
Mon, 29 Nov 2021 20:31:00 GMT
server
cloudflare
etag
0x8D9B37727F240FD
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0243a399-e01e-0171-286c-e5ec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
749bc8dd390c7133-YUL
e9162916-d652-491c-a69e-3abce03b1cb8_360x203.jpg
media.krem.com/assets/KREM/images/e9162916-d652-491c-a69e-3abce03b1cb8/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/e9162916-d652-491c-a69e-3abce03b1cb8/e9162916-d652-491c-a69e-3abce03b1cb8_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
017ef5c4f597cb30f35e3e0e5c7c74f0831924f69fc0918398f63306c80a5380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
X2qGOW_UThM6kX.vywF3aGDhIyOZlOQl
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 15:10:11 GMT
x-amz-request-id
MQBV936AZZKKX4CY
etag
"8349a2c54e900e45bf5dd1cb4f52ea2f"
x-amz-id-2
QIkneHWNOLQT+d+978+7fPe5fTagV5iBIgl8gJBbJHUKQrXrxjrZY19nUnvA3TcIHHObtQGhvQk=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1281224
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
28295
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 17:31:13 GMT
ad51d4b1-0738-4858-964e-417647922307_360x203.jpg
media.krem.com/assets/KREM/images/ad51d4b1-0738-4858-964e-417647922307/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/ad51d4b1-0738-4858-964e-417647922307/ad51d4b1-0738-4858-964e-417647922307_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dbe3843e0dc46cce65b3841be6c93e037e8fe161af931365e5009affc6463883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
VcRvgm12lCGbcj_2nql6N33gTS_WE.w3
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 18:12:59 GMT
x-amz-request-id
MGG8YWSHX36114WQ
etag
"12f9046c0e743af65d8db1eca08cbc47"
x-amz-id-2
h63hFtRYwLsJ2erh7G7nuhXByes52WLxZ506mU+hprhatBe+KHHTniz+d1JUTd9myQ8Lv68QsSA=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1283896
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
24533
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 18:15:45 GMT
fc31c8ce-e774-4531-9d57-a66202b6d345_360x203.jpg
media.krem.com/assets/KREM/images/fc31c8ce-e774-4531-9d57-a66202b6d345/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/fc31c8ce-e774-4531-9d57-a66202b6d345/fc31c8ce-e774-4531-9d57-a66202b6d345_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
adc5ea41f01640df70c1cc7e9b956274814dca8381e58baf3ed2266d81192aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
vmf2dWYm6xh..Q06UDWliWPK36Af4e50
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 13:58:20 GMT
x-amz-request-id
S6439TAQQHFH7Y3H
etag
"6c5928afcdd694f2a1031a2c14b216f2"
x-amz-id-2
zCHl0b/M5Ol9yu41diDFdbrHhDZzambpaBl4PesNksGmvyHbZRL8zwIl2wojzy2N/H2mQ9HnZes=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1268776
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
22703
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 14:03:45 GMT
dd0105d6-6247-416a-843f-8f92650f1dc6_16x9.jpg
media.krem.com/assets/KREM/images/dd0105d6-6247-416a-843f-8f92650f1dc6/ 		755 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/dd0105d6-6247-416a-843f-8f92650f1dc6/dd0105d6-6247-416a-843f-8f92650f1dc6_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32cf13edc1a69ec61c012aa967cb0c134e07871e3c0a9afe86450b6dac76a868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
1vpNpB5z2xYrI55ldra0jFmXc.peaHi9
x-content-type-options
nosniff
last-modified
Thu, 11 Aug 2022 20:04:51 GMT
x-amz-request-id
2DBDEZFPREA1BT97
etag
"876c3b80a9dc002993de1aa5381bd402"
x-amz-id-2
l407qIWYEoVqf9h/ZeRZGnANP2Nw4HD60uDc81NVIZBiGrbxYV0abnDNQyWU7ObVa3iN1Q96Ecc=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=735251
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
755
x-xss-protection
1; mode=block
expires
Wed, 21 Sep 2022 09:51:40 GMT
ea2404d2-232c-4762-843e-f2c26a73157e_16x9.jpg
media.krem.com/assets/KSDK/images/ea2404d2-232c-4762-843e-f2c26a73157e/ 		781 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KSDK/images/ea2404d2-232c-4762-843e-f2c26a73157e/ea2404d2-232c-4762-843e-f2c26a73157e_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
576c69b2d66a4475f7c1e6ac2f48fe628e3045787d76e084dfcfe97562eda5b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
qEDGUwcw5mvdTzhw4DbtMYdta0YZ7Mas
x-content-type-options
nosniff
last-modified
Thu, 09 Jun 2022 14:12:57 GMT
x-amz-request-id
VCFDGBRAHEJS89NM
etag
"2df18f18bde640e96362793a2fda2ce3"
x-amz-id-2
lLhvUbDMO8z0vwtcO16UB6NE/vrDjIpB8EIR7zTUfT8mg0eNFzk5VxEt/TCeJcBst+ZWywdU3n8=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=575266
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
781
x-xss-protection
1; mode=block
expires
Mon, 19 Sep 2022 13:25:15 GMT
2417941b-956e-4443-b4bf-cae1694a7b9b_16x9.jpg
media.krem.com/assets/KREM/images/2417941b-956e-4443-b4bf-cae1694a7b9b/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/2417941b-956e-4443-b4bf-cae1694a7b9b/2417941b-956e-4443-b4bf-cae1694a7b9b_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9814ed88fecbd63a6e03dc09f197e9a8ffd60c4103b5a1b240f8804a0a8d9da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 17:14:08 GMT
x-amz-request-id
18537H2NZTW3WJ12
etag
"eeb2da819888e1f51a9546918b3496cf"
x-amz-id-2
j5C31Za0MoCyn50PoVTHUfsjbqniwB1ZirkqgPJ7mrkRaND5wu9Ifz9IBk2EQodDMiMrUAsS9jE=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=639215
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
771
x-xss-protection
1; mode=block
expires
Tue, 20 Sep 2022 07:11:04 GMT
d33c0e28-826b-493b-924c-6585e0d7f353_16x9.jpg
media.krem.com/assets/KREM/images/d33c0e28-826b-493b-924c-6585e0d7f353/ 		755 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/d33c0e28-826b-493b-924c-6585e0d7f353/d33c0e28-826b-493b-924c-6585e0d7f353_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d20f11c0652bd2f3a42da8690c51a107f30e3da9f5878f098f8eb9a13976246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 17:38:36 GMT
x-amz-request-id
NW807GS80APXYQN5
etag
"14c90c1a0e8c9f3f4e360226c914b49d"
x-amz-id-2
eA+TREQRmCZm/mj0EMWrmIxO6nFlYdkWgD+cK6lv1ikYdk2exElOoTNTOQVYqzNVp3UgZXuywT8=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=434178
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
755
x-xss-protection
1; mode=block
expires
Sat, 17 Sep 2022 22:13:47 GMT
edba180b-173c-477e-a3ee-f4ac7792bb6a_16x9.jpg
media.krem.com/assets/KING/images/edba180b-173c-477e-a3ee-f4ac7792bb6a/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KING/images/edba180b-173c-477e-a3ee-f4ac7792bb6a/edba180b-173c-477e-a3ee-f4ac7792bb6a_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f39f99b6d3118125c7f0996ae98ec78cff2ac8714283d85c6accee5e0a7102ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
5txPCk6nGdSzmGIfliAQ87DUMH82OSnH
x-content-type-options
nosniff
last-modified
Thu, 28 Jul 2022 15:55:22 GMT
x-amz-request-id
M2XYZ46CHCPEPREJ
etag
"f1d99394627fa2669e33d63896bd3b9b"
x-amz-id-2
yU5E8/DfDnZEjCB56Q2xaMfEjC+jnYCwIji9w+YbvsGQd4pEQ59ry69MKdMUObE0pjJSjh0YDqc=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=734135
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
743
x-xss-protection
1; mode=block
expires
Wed, 21 Sep 2022 09:33:04 GMT
e4512c1b-4171-4190-95c7-077bb3a5b40c_16x9.jpg
media.krem.com/assets/KING/images/e4512c1b-4171-4190-95c7-077bb3a5b40c/ 		751 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KING/images/e4512c1b-4171-4190-95c7-077bb3a5b40c/e4512c1b-4171-4190-95c7-077bb3a5b40c_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
326b995f951075c89927d0e9d2f9f4f90fed4926917493cf594456ed76ed786a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
wC.sCcT3vQY0nr2AFBv_WcY9RGlgF10n
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 01:59:43 GMT
x-amz-request-id
8Y8NSS9VBYYQBEPH
etag
"335213ad47e4b00d1c47f2ed2a4ce64c"
x-amz-id-2
f5a9QFnift4Wln60lYIFXF7BrZx5Wci0HuBijw/8dAhBDXJryFdcgAOWI4GTuW2qnv2tMLL/Ins=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1008588
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
751
x-xss-protection
1; mode=block
expires
Sat, 24 Sep 2022 13:47:17 GMT
f7eb925f-5ae2-4ebf-874f-c2b5aa9bc8e3_16x9.jpg
media.krem.com/assets/WTHR/images/f7eb925f-5ae2-4ebf-874f-c2b5aa9bc8e3/ 		754 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/WTHR/images/f7eb925f-5ae2-4ebf-874f-c2b5aa9bc8e3/f7eb925f-5ae2-4ebf-874f-c2b5aa9bc8e3_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e4618167c3126036486a0b859b6a9682218284d7db3bbe062f0044b62375963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
IeFalMZDpAIOh7MsY7PCnqmTQTMUcpnh
x-content-type-options
nosniff
last-modified
Fri, 02 Sep 2022 05:07:23 GMT
x-amz-request-id
NSEVM25MHRGAF2BE
etag
"45410610d7260d1710546af3470e9f98"
x-amz-id-2
Rej836rcfJLhmobVriS1qPJm61DcoLi9blCFE+jldqKEmUHo9ZMaBusYlTD++r5eYJ4CdZCA8aI=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=445083
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
754
x-xss-protection
1; mode=block
expires
Sun, 18 Sep 2022 01:15:32 GMT
b011ac31-71e7-45ec-a9f5-f9a19af2dfd1_16x9.jpg
media.krem.com/assets/KING/images/b011ac31-71e7-45ec-a9f5-f9a19af2dfd1/ 		744 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KING/images/b011ac31-71e7-45ec-a9f5-f9a19af2dfd1/b011ac31-71e7-45ec-a9f5-f9a19af2dfd1_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82e9bb1dfff86eeedabdaf07efb8b973c558870fd29d7c16bca42b2764552dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
3yK.HURooEQaZIfQtQgZ72sB8q9xjnf9
x-content-type-options
nosniff
last-modified
Thu, 28 Jul 2022 15:55:29 GMT
x-amz-request-id
EEXMF9T1WGDHCBSD
etag
"94327557a333dfe7756e139048c99163"
x-amz-id-2
YG1qSGXZaD74vyKSPHbDZ7UBZNWzwKUM6wKGLjbEiHUxinBfFG2sSqQLQrSq9CJwqBJrbhijuPk=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=408910
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
744
x-xss-protection
1; mode=block
expires
Sat, 17 Sep 2022 15:12:39 GMT
wx-67_8x8.png
www.krem.com/assets/shared-images/weather-icons/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/weather-icons/wx-67_8x8.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
636a23c49febfc119a8a054f7fef768acc5f644217585af6be9eb1c1c63a1438
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c556c3"
content-type
image/png
cache-control
max-age=121306
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
15043
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 07:19:15 GMT
wx-99_8x8.png
www.krem.com/assets/shared-images/weather-icons/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/weather-icons/wx-99_8x8.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
03d9af71b568900dac546f6a992f657bec4c67b002dd634e984c1631ffaf8398
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c55734"
content-type
image/png
cache-control
max-age=25706
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
15156
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 04:45:55 GMT
wx-65_8x8.png
www.krem.com/assets/shared-images/weather-icons/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/weather-icons/wx-65_8x8.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
42f24d190e5092cebfdc91a9c341155e2cb2bbfd4c2db493cff8d619c937ecca
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c55738"
content-type
image/png
cache-control
max-age=194892
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
15160
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 03:45:41 GMT
wx-97_8x8.png
www.krem.com/assets/shared-images/weather-icons/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/weather-icons/wx-97_8x8.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a78f43446c07555ccad9cd29f5b39a3e0a7ebbebe47725066464a7a8f1b3fde9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c556dc"
content-type
image/png
cache-control
max-age=96384
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
15068
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 00:23:53 GMT
arrow-blue.svg
www.krem.com/assets/shared-images/icons/ 		635 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/icons/arrow-blue.svg
Requested by
Host: www.krem.com
URL: https://www.krem.com/modules.min_6.7.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
64a623a19dccdebb046e8f2dc6828d1b617d7b7630c1bfd370bda5e0e2211e26
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/modules.min_6.7.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c56e7b"
content-type
image/svg+xml
cache-control
max-age=192470
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
635
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 03:05:19 GMT
c6abc593-e176-4980-8da9-a6b8d7947830_16x9.jpg
media.krem.com/assets/KREM/images/c6abc593-e176-4980-8da9-a6b8d7947830/ 		729 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/c6abc593-e176-4980-8da9-a6b8d7947830/c6abc593-e176-4980-8da9-a6b8d7947830_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
73349d5e621b0170cf8703aba2b27003a7d0b52e0ce3f3ac8bae9938cfe6bbdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
NE5KolpOlv84eTLA41B47ZTMpEWk7cpX
x-content-type-options
nosniff
last-modified
Thu, 14 Jul 2022 05:53:34 GMT
x-amz-request-id
JHBTD3W3KTFNQZRD
etag
"a3dc8f943e9c6925a7b3f64b9472ca0b"
x-amz-id-2
MTt53fRkP+Q0R4b0MwoCAsY0ySBdlzRqQ6zJemi2ZIe8Y+pzGQhoQDf1PdVR5sGS28KkaAekInw=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1283755
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
729
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 18:13:24 GMT
526cd699-35b5-4828-90b3-e643a3562c5b_16x9.jpg
media.krem.com/assets/KREM/images/526cd699-35b5-4828-90b3-e643a3562c5b/ 		728 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/526cd699-35b5-4828-90b3-e643a3562c5b/526cd699-35b5-4828-90b3-e643a3562c5b_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f96a9807d2422d6ac77aa38d81f0748f9194de57389f1a23f5013fb62aa30cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
sDaHox7wg0f2vXxwJ8HYAiOcHjhMUmQ7
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 04:05:16 GMT
x-amz-request-id
H4QN6WWMG2NQ94EG
etag
"3efbf1a6c4c4645f01905083f4ddb502"
x-amz-id-2
P/c6IbGxskZCPrlpZzi3uIJT5NnLqSclc4xch4IEdcK/zrUEAx01O/+CymJYNbhZzeADVBcqBrI=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1270772
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
728
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 14:37:01 GMT
e44c75bb-6954-4781-917f-c4cbeb2284e3_16x9.jpg
media.krem.com/assets/KING/images/e44c75bb-6954-4781-917f-c4cbeb2284e3/ 		736 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KING/images/e44c75bb-6954-4781-917f-c4cbeb2284e3/e44c75bb-6954-4781-917f-c4cbeb2284e3_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7afe6f0860db60846b0b2a092f9e90e3405af43e403de4c74669c4fe03e96f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
r5kHuaeMmpxr1T2W5cZ7aVF2RrOWrz9I
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 15:32:25 GMT
x-amz-request-id
98N553GB09J7WKDP
etag
"0bafedbd2bcdfc91ae5bca389a9b534f"
x-amz-id-2
0yi4ZaWGh5umxKzlR0fy1wQlknjF5C0q7Ulx6NfSsvGuAwveHawsMwjJAYRUvjDgI9GbXEFfHDg=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1190681
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
736
x-xss-protection
1; mode=block
expires
Mon, 26 Sep 2022 16:22:10 GMT
en.json
cdn.cookielaw.org/consent/bdf05041-f853-4b85-9e20-14bf7c2d88bc/6136f85f-6938-4683-83a2-fc0fdc2ed231/ 		120 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/bdf05041-f853-4b85-9e20-14bf7c2d88bc/6136f85f-6938-4683-83a2-fc0fdc2ed231/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15bd480f990312c30a7f518d43e3077f88e5bf911217582761f56e26f668c491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
12v9RwOWczRcuoLMLnh3eg==
age
2870
vary
Accept-Encoding
content-length
22872
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jan 2022 20:16:06 GMT
server
cloudflare
etag
0x8D9DB8886225105
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
adb113dc-d01e-0010-5832-5aee00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
749bc8ddad82ca4f-YUL
expires
Tue, 13 Sep 2022 01:37:29 GMT
2417941b-956e-4443-b4bf-cae1694a7b9b_360x203.jpg
media.krem.com/assets/KREM/images/2417941b-956e-4443-b4bf-cae1694a7b9b/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/2417941b-956e-4443-b4bf-cae1694a7b9b/2417941b-956e-4443-b4bf-cae1694a7b9b_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9a4bcc10cf08203e602576a8dc2eddc2059a548f3b1f1b10bf80db47dcd5c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 17:14:09 GMT
x-amz-request-id
0MRS2RVBWFB4GNYN
etag
"e1c2e697af3367e0fd1417a08579af2d"
x-amz-id-2
9sTEVRdFhRqiknSRvF2bFYZ3TzDtVpG15Vj+6ym+a/zLsR+dMF4TfCdmbF8g3H5q0QeXgKOARZg=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=343918
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
10050
x-xss-protection
1; mode=block
expires
Fri, 16 Sep 2022 21:09:27 GMT
d33c0e28-826b-493b-924c-6585e0d7f353_360x203.jpg
media.krem.com/assets/KREM/images/d33c0e28-826b-493b-924c-6585e0d7f353/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/d33c0e28-826b-493b-924c-6585e0d7f353/d33c0e28-826b-493b-924c-6585e0d7f353_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3bc0dd306dac14893dd794c144d782457ef72d75c38d1173779e5e8f1e0f0aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 17:38:37 GMT
x-amz-request-id
0MRYD3H54SZ5DCJX
etag
"2386e21d8b2e6e434ca025eaf2349bb8"
x-amz-id-2
1Z4vYZZQPO9snMnm+vMcbOOC9KqYQO8/eBIkvN9ko+/HZ/zhHMOle5Lz4FcLynLWPQfzdvWsAA8=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=419722
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
21649
x-xss-protection
1; mode=block
expires
Sat, 17 Sep 2022 18:12:51 GMT
ea2404d2-232c-4762-843e-f2c26a73157e_360x203.jpg
media.krem.com/assets/KSDK/images/ea2404d2-232c-4762-843e-f2c26a73157e/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KSDK/images/ea2404d2-232c-4762-843e-f2c26a73157e/ea2404d2-232c-4762-843e-f2c26a73157e_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d390d8f4a41751b407c4e8c2a4fa480d3faa610452f7336310fb0661899e8394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
qDPorNcy9MpOZH3Ihuoc29WytTkFSvcf
x-content-type-options
nosniff
last-modified
Thu, 09 Jun 2022 14:12:57 GMT
x-amz-request-id
4061YNYN0RHHSV51
etag
"75d63b73be71cb3264d94e0e041d633c"
x-amz-id-2
Gb8Gq4efyw8O+25AcylHOXzwY5wKPViQGW5M+vJuZcvgYTJbLrnU1aUEhLTtb8Wdpqb8n2YNBME=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=424336
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
21416
x-xss-protection
1; mode=block
expires
Sat, 17 Sep 2022 19:29:45 GMT
dd0105d6-6247-416a-843f-8f92650f1dc6_360x203.jpg
media.krem.com/assets/KREM/images/dd0105d6-6247-416a-843f-8f92650f1dc6/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/dd0105d6-6247-416a-843f-8f92650f1dc6/dd0105d6-6247-416a-843f-8f92650f1dc6_360x203.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d441b393af86dfeae0324a8d37e868ba6de264676a386d47b77d86fb1e6896c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
Um_SDRfVIQsTKkVG21ISEVykq9LcuAEz
x-content-type-options
nosniff
last-modified
Thu, 11 Aug 2022 20:04:52 GMT
x-amz-request-id
2DBE3546M1GJ3BMK
etag
"763715e0f7affb40ffb81a1d73be3ab2"
x-amz-id-2
y8x0I9TquyeTXirUeSZ0xgxZxo6QfAYouN8UbBcGmyeUS5EdjxrWbGwo3TXFjk1Np5Jg7l8AP6g=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=735305
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
23567
x-xss-protection
1; mode=block
expires
Wed, 21 Sep 2022 09:52:34 GMT
d3c2a017-951d-48ef-9e7c-d1d4cae7962c_16x9.jpg
media.krem.com/assets/CCT/images/d3c2a017-951d-48ef-9e7c-d1d4cae7962c/ 		744 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/CCT/images/d3c2a017-951d-48ef-9e7c-d1d4cae7962c/d3c2a017-951d-48ef-9e7c-d1d4cae7962c_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36a56fb6fed7c6450e9d1197e028a37c969fccd9dcff8e92acb10aa6a810a5ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
1ipmZOGwsiC.oeHqzsu5yFwxNIFblGCy
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 19:43:16 GMT
x-amz-request-id
BRJ9QHEYAB6XJ8PW
etag
"fb4dd30d8bed18b31d2e750f2c4445bc"
x-amz-id-2
KGJA/QPZyO84Yjt5MBrdseGqwE3gGhwG9/4vOYk8/OwwW8Et1bCo40YCkTvB7szD1fNJ9gAc5Ko=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=141972
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
744
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 13:03:41 GMT
bfc38546-48a6-4738-af75-05e4ca33e610_16x9.jpg
media.krem.com/assets/KTHV/images/bfc38546-48a6-4738-af75-05e4ca33e610/ 		746 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KTHV/images/bfc38546-48a6-4738-af75-05e4ca33e610/bfc38546-48a6-4738-af75-05e4ca33e610_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c2d56e955397368eef17022b35a746fe9f4e9c5674e7eb228a37a367cf26304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
HyN70RD5uyIfeoPJd_8c5bqqccue1h5Q
x-content-type-options
nosniff
last-modified
Sun, 28 Aug 2022 03:10:49 GMT
x-amz-request-id
MV4VF77861JK1F36
etag
"b226cc2a9b26b36c336aea8be7475f89"
x-amz-id-2
+LbzUyN2GuWbdpDbcPlhU85WNPDWc0bT5m9o3nMRNobp9Crg3GcoxrHcSAb4QUajR4MSAVvNd8U=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=404987
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
746
x-xss-protection
1; mode=block
expires
Sat, 17 Sep 2022 14:07:16 GMT
b7a0ea47-d5cc-452d-af03-f0b3b25a752d_16x9.jpg
media.krem.com/assets/VERIFY/images/b7a0ea47-d5cc-452d-af03-f0b3b25a752d/ 		760 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/VERIFY/images/b7a0ea47-d5cc-452d-af03-f0b3b25a752d/b7a0ea47-d5cc-452d-af03-f0b3b25a752d_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cbfda2d2707bbbf9d46dffaf0eaf926c08336923a9b642b9c5f75d2c4821411f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
lxIaY1bKyrX7UtsEsJMArrLA5DZGZnA1
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 20:27:54 GMT
x-amz-request-id
ZN7PGPZPR16FBA0M
etag
"32ba7d6714fbcdc2313b7b55c9015a94"
x-amz-id-2
o37DqbZ2u2d7BcnyPDuOdiL0T++aFTop7z6afdhVQqgS61jSub9JLYlF5759d625r+B09s2P0f0=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1269615
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
760
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 14:17:44 GMT
c07161f2-1a30-4d44-8633-80b99de439ad_16x9.jpg
media.krem.com/assets/VERIFY/images/c07161f2-1a30-4d44-8633-80b99de439ad/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/VERIFY/images/c07161f2-1a30-4d44-8633-80b99de439ad/c07161f2-1a30-4d44-8633-80b99de439ad_16x9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ea6cf67c3849fb713c3db5105450af0e75c3aae9bc4d61003dc9ce640df14a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
64U1Dm6.5dSBhyTZ3sFihvzHMcZ7ICmu
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 15:09:06 GMT
x-amz-request-id
N5WSYSR3XB277PAT
etag
"dedd6db5bfe01e4b921748627b87cbe2"
x-amz-id-2
jhweBxCHZax8yUuSc05j6R+2AjG2RULtnhI2w5SWoqk9x4UBoUdIk39w9wCj5cYujj0Itk6p68o=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1013605
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
763
x-xss-protection
1; mode=block
expires
Sat, 24 Sep 2022 15:10:54 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ 		387 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:51:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157166
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 17:51:17 GMT
2c8ca46a-db7c-41c4-a2c4-2011c302e14f_360x203.png
media.krem.com/assets/KREM/images/2c8ca46a-db7c-41c4-a2c4-2011c302e14f/ 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.krem.com/assets/KREM/images/2c8ca46a-db7c-41c4-a2c4-2011c302e14f/2c8ca46a-db7c-41c4-a2c4-2011c302e14f_360x203.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.228.147 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-228-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a9bc1d8593b78f4b3c087c8ce9b7e5db1a56a0e0d4971696455d47cb00467ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sat, 24 Apr 2021 02:03:31 GMT
x-amz-request-id
E23218NBSF0F8RWM
etag
"356410e2e9b926f55aa1e75fa5abc456"
x-amz-id-2
tClitsgUt87Xl3MEUcsKgeVJv6KcrsUuUVZwDH3+U/FnkB3tN9xU5EuheoJLlNr7bSe7lA78wvA=
content-type
image/png
access-control-allow-origin
nope
cache-control
max-age=799358
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
172263
x-xss-protection
1; mode=block
expires
Thu, 22 Sep 2022 03:40:07 GMT
close.svg
www.krem.com/assets/shared-images/icons/ 		270 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/icons/close.svg
Requested by
Host: www.krem.com
URL: https://www.krem.com/modules.min_6.7.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
2774640b1d27c3aa4e178db75e4a77fd9ae7d9b01fa15e29de0a05bc21d3d829
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/modules.min_6.7.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c56d0e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=191082
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
201
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:42:11 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VSHBUrwe+huqkxKbuHF+GQ==
age
2870
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Mon, 29 Nov 2021 20:30:50 GMT
server
cloudflare
etag
0x8D9B3772216FA2F
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b38454bf-701e-00d1-3f32-5a65b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
749bc8de0ddbca4f-YUL
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015f5facb5e29c35243f30c95568cd386d0783b71faae2bf75e9227126fc9786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dJZB5/39qJiAk1Fn9A0JNQ==
age
2870
vary
Accept-Encoding
content-length
14866
x-ms-lease-status
unlocked
last-modified
Mon, 29 Nov 2021 20:30:51 GMT
server
cloudflare
etag
0x8D9B3772282CC5E
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
56be8c43-601e-008a-6f32-5a62c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
749bc8de0dddca4f-YUL
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.27.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.27.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.27.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
2870
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Mon, 29 Nov 2021 20:31:07 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
312b83c4-201e-000e-3c32-5a34ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
749bc8de0ddeca4f-YUL
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
photo_6.7.1.js
www.krem.com/ 		303 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/photo_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
d0574ef27ece544cf460703990b1516d5a1fec90b20505a6efe0a746d60dfb94
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce1c2f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191299
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:45:48 GMT
lazy-image_6.7.1.js
www.krem.com/ 		937 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/lazy-image_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
0ce94b0ceedc1ebdd63aad9ead608cb9c165e6b96450e6554ed6c063d91c4268
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:24 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd09cf3a9"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=230199
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
633
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 13:34:08 GMT
ad_6.7.1.js
www.krem.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/ad_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
bc5327543d927f2ce35e191597bdd054b35161f3d0eca221408de0d734210844
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:16 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfcbd81c3d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191408
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
3432
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:47:37 GMT
gallery_6.7.1.js
www.krem.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/gallery_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
f2ff936bbfc5f08e39063b192c55e5fe80b2d399546aa3fe5bf69e28ac290a94
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:20 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfce3a9aee"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=243733
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1307
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 17:19:42 GMT
video_6.7.1.js
www.krem.com/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/video_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
8764d22dd536cad4957e261de198f79f8ad6281c94ed147e6780d7473798f6e2
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:28 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd2ff1933"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191328
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
8079
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:46:17 GMT
taboola_6.7.1.js
www.krem.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/taboola_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a33f8bfdaf0dad8862d21ddbd1b8632d93a56665a6ff11cd5b8101281d9eb291
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:28 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd2ff42f2"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=241081
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1155
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 16:35:30 GMT
related-stories_6.7.1.js
www.krem.com/ 		323 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/related-stories_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
91537255b9ed401cb4d8ffb0ac0a45c27664d589e267faea625cdbb620d6a7f9
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce1c43"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=230758
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
338
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 13:43:27 GMT
raw-html_6.7.1.js
www.krem.com/ 		309 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/raw-html_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a4c166f8e68b02873ac934e809004d03644d9bdc147c3f331a25564bacd1c6a8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce1c35"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=216187
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
333
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 09:40:36 GMT
elections_6.7.1.js
www.krem.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/elections_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
5045d7ac1910d57be36ed1da8b6c3b70afefe86b5bc3aef0c22512d94cbd5344
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:20 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfce3a9c76"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=56399
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1243
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 13:17:28 GMT
election-single-race_6.7.1.js
www.krem.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/election-single-race_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1ae14c2460103283ee523fd0fc9de22885eb3fedc78d4bcddcb0e50e5fea49dd
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:20 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfce3a9f63"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=154919
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1150
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 16:39:28 GMT
story-row_6.7.1.js
www.krem.com/ 		311 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/story-row_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
5611dfdb809d63de2291eb34a76f4f60372046f3b839e2e3445e22454b6e4a43
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:28 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd2ff4b37"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191307
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
334
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:45:56 GMT
watch-live_6.7.1.js
www.krem.com/ 		986 B
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/watch-live_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
afd6113212463b3fbcb3643886c37ea182a8fcf755eefde72b2a7e225bd1914c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:28 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd2ff49da"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=121471
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
609
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 07:22:00 GMT
mini-live-video_6.7.1.js
www.krem.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/mini-live-video_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
9ddc8427bde88dc7024989396b2908b195c3ae92640d7d3aee58b8b806827eea
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce15b9"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191309
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1261
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:45:58 GMT
headline-list_6.7.1.js
www.krem.com/ 		319 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/headline-list_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
fb93a5b61fb0a0be71dc32b39aa81e8fcdd911f85b6099f93ed159b811c9acff
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:20 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfce3a973f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=157216
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
337
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 17:17:45 GMT
newsletter-signup_6.7.1.js
www.krem.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/newsletter-signup_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1ca898c0294069400fc7567f695c5a398502971d27bae4f44e4020ea21119436
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce0889"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=37706
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2346
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 08:05:55 GMT
carousel_6.7.1.js
www.krem.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/carousel_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
86320424da24f35b6e52ed0ea628ab97823c8d55da8fa27ba8ef39d7df1629e3
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:16 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfcbd834b6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=192121
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1042
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:59:30 GMT
notifications_6.7.1.js
www.krem.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/notifications_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
caf860fd1d429962b54066e653e2671181945a89dc2b7661bcca64a5783ecf97
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce0615"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=205106
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1565
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 06:35:55 GMT
firebase-app.js
www.krem.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/firebase-app.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
8a8756c03828ec93bcdab97d740ac771ef827017e3ab9f35900f8ff457bef04c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:20 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfce3abd6b"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191276
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
4533
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:45:25 GMT
firebase-messaging.js
www.krem.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/firebase-messaging.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
62dc829417192543497ddac9a07cb6bbb0404fd1f1325942a77577e3f40774a2
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:20 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfce3ae808"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=255482
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
11170
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 20:35:31 GMT
bem_6.7.1.js
www.krem.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/bem_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
ce3d6b893ee35084b21eb263ee53f4fb6b454bfcfcac2e6e40d68f92c00a8cf8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:16 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfcbd835a1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191295
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1063
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:45:44 GMT
live-messages.js
www.krem.com/assets/js-libs/live-messages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/assets/js-libs/live-messages/live-messages.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1b7c00d19a3d05ae9cc1442d4ad09319c131495ceb20ecca91712e915b75f60b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c5631f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=230102
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
1348
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 13:32:31 GMT
modal_6.7.1.js
www.krem.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/modal_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
2b843bc230f7588da4a22cdc8cb3af85c71b9c5406e57fe71aa07084b30f5141
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:26 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd1ce1aa7"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=191449
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 02:48:18 GMT
jquery-utils_6.7.1.js
www.krem.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/jquery-utils_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
77ad94e21ce9e28ed1d19e345b9c2d7082e617b82455e7dd43c5aaa924e91d46
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:22 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfcf6bc867"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=202348
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1381
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 05:49:57 GMT
jquery.js
www.krem.com/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/jquery.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
8e28938136c1dccb0e1d076b886dd0a0b00b51ac09ed77e0591a13fb0580b3f5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:24 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd09daa3c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=121386
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
39803
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 07:20:35 GMT
app-badge_6.7.1.js
www.krem.com/ 		664 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/app-badge_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
ef145673525a43c144053a5645028c3069b079d98449904244ae8c319a5b4842
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:16 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfcbd83e98"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=154545
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
531
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 16:33:14 GMT
hls.min.js
amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/ 		314 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d30052e942167f1f7cc0b6b1268866a1d1c1ce2e543fd14faf6db97c16039aa6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 01:50:33 GMT
Server
AkamaiNetStorage
ETag
"c902fb111b3c35a23a71584a19fcd54a:1643334633.273064"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Credentials
false
live-video-banner_6.7.1.js
www.krem.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/live-video-banner_6.7.1.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
a9ae235ee3971530f38d44a8a5d156bde08d67fa2a9bd8f8dba7b21de9712371
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 29 Aug 2022 17:50:24 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfd09cf555"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=202405
date
Mon, 12 Sep 2022 21:37:29 GMT
x-content-type-options
nosniff
accept-ranges
bytes
content-length
808
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 05:50:54 GMT
signalr.min.js
www.krem.com/assets/js-libs/signalr/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/assets/js-libs/signalr/signalr.min.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
c682f11f436b09c0f49e0f3c6ad3525000bec52c72754afa5692c16c9ece776f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c4bb3c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=58263
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
32831
x-xss-protection
1; mode=block
expires
Tue, 13 Sep 2022 13:48:32 GMT
header
www.krem.com/ajax/content/ 		55 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/ajax/content/header
Requested by
Host: www.krem.com
URL: https://www.krem.com/common.min_6.7.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
1ce37d389247ef0d835c3ad5f3c4dc5e6a590bdb9097daea20f914118657d6fc
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

pragma
no-cache
cache-control
no-cache
Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=140
date
Mon, 12 Sep 2022 21:37:29 GMT
vary
Accept-Encoding
content-length
11692
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:39:49 GMT
negotiate
www.krem.com/tgnaMessage/ 		478 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/tgnaMessage/negotiate
Requested by
Host: www.krem.com
URL: https://www.krem.com/assets/js-libs/signalr/signalr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
4281efa565e747bed4667e597cd0b06f6fef52812d7e461abf17cf4e56cea969
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=567
date
Mon, 12 Sep 2022 21:37:29 GMT
vary
Accept-Encoding
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:46:56 GMT
293
www.krem.com/ajax/mail/getCampaignLists/ 		391 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/ajax/mail/getCampaignLists/293
Requested by
Host: www.krem.com
URL: https://www.krem.com/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
d2601e1341a019d61d7f3b1b3d8ebcc67bcacf689f04d07c622ca25cd2896597
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.krem.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=173
date
Mon, 12 Sep 2022 21:37:29 GMT
vary
Accept-Encoding
content-length
379
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:40:22 GMT
anchor
www.google.com/recaptcha/api2/ Frame A5BC 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0103b84ff47702d572a411f057b22b0668099e9af340d061955cb31e63d52068
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_VSzctHOlvS65b8HINVrOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22966
content-security-policy
script-src 'report-sample' 'nonce-_VSzctHOlvS65b8HINVrOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
amp.min.css
amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/amp.min.css
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
64751a151c60076c950a230ac692ac7ae5ccef6a53dc14ae8d57a594f4156ed0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 01:49:04 GMT
Server
AkamaiNetStorage
ETag
"27aaad56ad32202160dad3257fddb67e:1643334544.31618"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
957
react.min.js
amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/libs/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/libs/react.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
68130f5af465db2a91fee676da2cf20e4882de672632d70633131990990eff57

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 01:50:51 GMT
Server
AkamaiNetStorage
ETag
"bb734f5a5b9a48012426778795833251:1643334651.083521"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
10142
arrow-white.svg
www.krem.com/assets/shared-images/icons/ 		632 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.krem.com/assets/shared-images/icons/arrow-white.svg
Requested by
Host: www.krem.com
URL: https://www.krem.com/modules.min_6.7.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
84d04f4f1fc8216b85979099510b562e89084736527981f167aa46e1efb4b072
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/modules.min_6.7.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 29 Aug 2022 17:49:44 GMT
x-powered-by
ASP.NET
etag
"1d8bbcfb8c56e78"
content-type
image/svg+xml
cache-control
max-age=196685
date
Mon, 12 Sep 2022 21:37:29 GMT
accept-ranges
bytes
content-length
632
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 04:15:34 GMT
negotiate
tgna-ux-east2.service.signalr.net/client/ 		282 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgna-ux-east2.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=7vmdYbwKAAA%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/assets/js-libs/signalr/signalr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.62.59.39 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4afae613dc7eee833a9bfef326bb8ebeaaaeda3ca7f8351728703451effc6ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Referer
https://www.krem.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6Ii0xNDM1NjU0NTU3IiwidHlwIjoiSldUIn0.eyJuYmYiOjE2NjMwMTgzMjMsImV4cCI6MTY2MzAyMTkyMywiaWF0IjoxNjYzMDE4MzIzLCJhdWQiOiJodHRwczovL3RnbmEtdXgtZWFzdDIuc2VydmljZS5zaWduYWxyLm5ldC9jbGllbnQvP2h1Yj10ZWduYW9uZW1lc3NhZ2UifQ.nVlv6tPFQHPzaSwEu3gAJ2W0FosmfxrRJbw5_4hiqgE
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:29 GMT
access-control-allow-credentials
true
content-length
282
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
negotiate
tgna-ux-east2.service.signalr.net/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tgna-ux-east2.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=7vmdYbwKAAA%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.62.59.39 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.krem.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame A5BC 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 17:51:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame A5BC 		387 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:51:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157166
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 17:51:17 GMT
React.min.css
amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/React.min.css
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
757ad58c6b674c76006228159758edd7b77dd30ff9cd969f54ea94bbd2c31d94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 01:50:01 GMT
Server
AkamaiNetStorage
ETag
"2cf88cf1f0392847dfe224b5796eec23:1643334601.516643"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5377
React.min.js
amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/ 		97 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/React.min.js
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
057309ee1908b8030338c0e0d2dc370a40779620c7fd2c7235b2bb13d4d9a644

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 01:50:00 GMT
Server
AkamaiNetStorage
ETag
"bcb6b412456fe7b4836e18306fd8fed8:1643334600.120345"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
18849
utag.js
tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/ 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d6193fd1c3e9595d88582fca012ec5f152451a05acb961b0aa654ddaea3e705a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:29 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 20:52:53 GMT
server
AkamaiNetStorage
etag
"d518160955c2e6085e9b7e6a1cb3aa24:1659646373.596129"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
36201
expires
Mon, 12 Sep 2022 21:42:29 GMT
fontawesome-webfont.woff
amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/fontawesome-webfont.woff
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/React.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725

Request headers

Referer
https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/react/React.min.css
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:29 GMT
Last-Modified
Fri, 28 Jan 2022 01:50:00 GMT
Server
AkamaiNetStorage
ETag
"849abfea7388faeeb4edbc0b89288b85:1643334600.881525"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
font/woff
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
31156
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.8&platform=web&os=Windows&osver=10&browser=Chrome&browserver=105.0&url=https%3A%2F%2Fwww.krem.com%2F&event=create&&lic=tegna
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:29 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
amp.gif
amp.akamaized.net/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.1.8&platform=web&os=Windows&osver=10&browser=Chrome&browserver=105.0&url=https%3A%2F%2Fwww.krem.com%2F&event=start&&lic=tegna
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:8280 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:29 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
live.m3u8
livevideo.tegnadigital.com/krem/v1/master/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/elvs/ 		1013 B
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/krem/v1/master/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/elvs/live.m3u8
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24640a5b760e5fecac2d53f71a149d1d1ec52e23f6460f6111c400ed0c5bcf9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amzn-RequestId
4c995999-fe64-407c-a80f-903de05affee
Connection
keep-alive
Content-Length
324
Pragma
no-cache
Akamai-Mon-Iucid-Del
926974
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 12 Sep 2022 21:37:30 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A5BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 10:20:50 GMT
x-content-type-options
nosniff
age
558999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 13 Sep 2022 10:20:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A5BC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 11:41:34 GMT
x-content-type-options
nosniff
age
554156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A5BC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A5BC 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=g8G8cw32bNQPGUVoDvt680GA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
41a7af34c3ce11b82aae8779426043729cca067fd28f9df87406c8b65857f278
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah&co=aHR0cHM6Ly93d3cua3JlbS5jb206NDQz&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&badge=inline&cb=f5lfdfdx8fpk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:37:30 GMT
sfp.js
native.sharethrough.com/assets/ 		266 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js?utv=ut4.44.202107201712
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-104.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13d55cb1948ab33d0b0af34727c3ebfd303653587da015db61566b5524259868

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:10:39 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 19:10:32 GMT
server
AmazonS3
age
1612
etag
W/"12cc77a8f01b5536dc24e3508198ff31"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
42wL6EsxQ9a3Y8gEZwkmD43ssn5CyFlduZ6clGrUVTEJF0fmfjk_kw==
expires
Mon, 12 Sep 2022 20:10:31 GMT
loader.js
cdn.taboola.com/libtrc/tegna-network1/ 		517 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b03a82439732b9917b89d88a5aba10bc9b0a6d29723b757477cdf8b318bb8dc8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
iChbvKFo.o7ylW13iAl5uU7muEzH.1RV
content-encoding
gzip
etag
"299a3216859d0106dd2bcfab69bbdb03"
age
20453
x-cache
HIT
content-length
41809
x-amz-id-2
KLuQTIM3Zmj+H/vfv3Bkgr/3f52tX+YvwKnnytERTiO1IeMxyBx1NLkt9kEC+4ohICGsDZlg9Gg=
x-served-by
cache-yul12831-YUL
last-modified
Mon, 12 Sep 2022 15:56:15 GMT
server
AmazonS3
x-timer
S1663018650.082209,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding
x-amz-request-id
RRMJGN6HTW1JV4S9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
98
x-cache-hits
247
apstag.js
c.amazon-adsystem.com/aax2/ 		166 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8efa950be6d28aa1103053638a776ab8f2dcda011254bab316bc409018714e33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 12 Sep 2022 20:40:06 GMT
via
1.1 cfb94084ba0615910dd15548de7c4c5e.cloudfront.net (CloudFront), 1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
3445
etag
W/"350e165fc9b88312c43a9ba90eba4e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-P2, EWR53-C3
content-encoding
gzip
x-amz-cf-id
7R_vQMMh9PbfsrQO1p_AvqWoGjQFH2ex1GAvfK3YpxPwonVX7DSDrw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160138/3953/ 		453 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
422dbed7023e12248a74425e3d7c0f71c38537554a5d84dff9561dfaf588b116

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Jun 2022 13:52:41 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=51256
accept-ranges
bytes
content-type
application/javascript
content-length
138236
expires
Tue, 13 Sep 2022 11:51:46 GMT
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc1cab4f4c008ab655e0450ee31b87e6c7d0ed166910ccbdb81716b2a972d7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28706
x-xss-protection
0
server
sffe
etag
"1332 / 348 of 1000 / last-modified: 1662980886"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Sep 2022 21:37:30 GMT
ope-tegna.js
cdn.opecloud.com/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.opecloud.com/ope-tegna.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-98.ewr53.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
a6fc122826a52466fa03f49abc2f73c6ed599d674b873f28586634371f08a1a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:43:45 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 07:48:28 GMT
server
nginx/1.22.0
age
50025
etag
W/"6315a9cc-da98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
cache-control
max-age=604800, public
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
USGIP1nXbx-Z-rO08kOeQZi-JIRmSccgozRqmUrC4PtBlM7CJf3tQw==
expires
Mon, 19 Sep 2022 07:43:45 GMT
pixel_1a6f8d7b
www.krem.com/akam/13/ 		0
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.krem.com/akam/13/pixel_1a6f8d7b
Requested by
Host: www.krem.com
URL: https://www.krem.com/akam/13/1a6f8d7b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.66.203.93 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-203-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=0
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:37:30 GMT
2.m3u8
livevideo.tegnadigital.com/krem/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/60864e9e-a147-4319-ba2d-8880ed2cbf20/ 		2 KB
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/krem/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/60864e9e-a147-4319-ba2d-8880ed2cbf20/2.m3u8
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
50af25ed5fe0e1d378d58cc5c52f6bc5acc2a6a6a5dfda65be919d66dbe2b2c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amzn-RequestId
38887b72-0ec7-4c06-af76-e2f3e80ae9b6
Connection
keep-alive
Content-Length
302
Pragma
no-cache
Akamai-Mon-Iucid-Del
926974
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 12 Sep 2022 21:37:30 GMT
bframe
www.google.com/recaptcha/api2/ Frame BAB8 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
719014a849ea69bcab280d4f6e923f8475b9668e0a4bd8d78453e2d58728500c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZauZjYAo82vaGmawtvNCNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-ZauZjYAo82vaGmawtvNCNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
load.js
widget.perfectmarket.com/tegna-network1/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/tegna-network1/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb23194757af50253fa1a25fac3b459e71dfb7bf7c4c3db6f78c4eb5c00d1af7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
irXmLzTuKE.9uiwgUoDG5dkaNJEwkYJk
content-encoding
gzip
etag
"52c3326c810d12d4efa39b7768032b1e"
age
58
x-cache
HIT, HIT
content-length
1582
x-amz-id-2
CdcDDN4FGB86t7ETMoESmky93TuusTVqbbGN/ns2UeXC42zfMpu0fo1ha93tO35GpPwPvz9mRHs=
x-served-by
cache-sna10746-LGB, cache-yul12830-YUL
last-modified
Mon, 27 Sep 2021 04:50:59 GMT
server
AmazonS3
x-timer
S1663018650.253992,VS0,VE1
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding,,
x-amz-request-id
PVQ8VY0GVM7G12ZH
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20220912-34-RELEASE.js
cdn.taboola.com/libtrc/ 		682 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c23cfc9f0714dc2a044f943226120d3dad076ee293af28f24dd3da9963455aaa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
eEyRu5k_S_UQhJLppRJ6VcQPBuzKpXDZ
content-encoding
br
etag
"77190bda3d8952e43fa38db7fd437d77"
age
21437
x-cache
HIT
content-length
144475
x-amz-id-2
OIAGfEFDjjryYmsJZ9mgolVQ2kTlQWA2LkOaX1mrKYxNWud9PhOgChQHju6z2hWQtYCSuXVCfj0=
x-served-by
cache-yul12831-YUL
last-modified
Mon, 12 Sep 2022 15:39:26 GMT
server
AmazonS3-br
x-timer
S1663018650.229179,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding
x-amz-request-id
6G87ZTSMKK180JTE
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
35
x-cache-hits
55817
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:51:07 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
9985
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
F_0I7Qz0jUAyoGL2k_iPTDDPFqWAUVPJlBUPf_vSU1vo24W06auJew==
live-31_01371.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		535 KB
536 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01371.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2bb43f2b5ebee89480723c12e775778897acf6a62060d2a264179866b390d46b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Akamai-Path-Timestamp
i=1663018627.733;xi=1663018627.753;xo=1663018629.555;s=1663018629.628;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018627.739
Content-Length
548208
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:07 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535958
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:36:48 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3276&u=https%3A%2F%2Fwww.krem.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
9cd45efc611f266f6124d77b4a19d3dce2f303130a499ec52e4f2e69952a9242

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:55:35 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
age
16915
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-C3
content-length
1174
x-amz-cf-id
4f1KzKDyvvLKZXz0NtwCMBPSWLIR1ouyld2PBokIEoCcL2tet64IEg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 00:56:15 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
74476
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
via
1.1 a5e3b467ea385e6efe6a1a3ce283b4c0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
content-type
application/javascript
x-amz-cf-id
t5-muYOS-ljLI20DuGbrlrnUjeXWSapyYBXgspH32pZF7Mu-PDIx2A==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/19962895/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:22:09 GMT
via
1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
922
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
JFK50-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
9PLz-sus-lBd8R6MUzum8ztv-oXtdRjEOh-Pj67kDhqFSq48nygGrg==

Redirect headers

location
/internal-c2/default/cs.js
date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
0
x-amz-cf-id
TT9fIzJI0AgQZDr250DyAZIbhvra82ZuVsl-tZM2fi0wZ9NeIfae6A==
x-cache
Miss from cloudfront
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=19962895&comscorekw=home&category=home&templatetype=index&ns__t=1663018650271&ns_c=UTF-8&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&comscorekw=home&category=home&templatetype=index&ns__t=1663018650271&ns_c=UTF-8&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffi...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&comscorekw=home&category=home&templatetype=index&ns__t=1663018650271&ns_c=UTF-8&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&c7=https%3A%2F%2Fwww.krem.com%2F&c9=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
NhWyX6Me6BIWhLbMeoaRY9z3OyjYZdUGdefC3j9CDCnQ1dB56E6wdg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=19962895&comscorekw=home&category=home&templatetype=index&ns__t=1663018650271&ns_c=UTF-8&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&c7=https%3A%2F%2Fwww.krem.com%2F&c9=
date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
0
x-amz-cf-id
MTxCbKmEC-0cJ9a3PQyEK0YXcbLsxJZfUf3iAosJjghsGUgUgAdQ3Q==
x-cache
Miss from cloudfront
styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame BAB8 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 17:51:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame BAB8 		387 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:51:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157166
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 17:51:17 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Sep 2023 16:28:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		240 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.krem.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
886ef02ac431850954b10c96be1437cea255bfebf6d06b2cd838f7f7d7bc94f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129
x-xss-protection
0
expires
Mon, 12 Sep 2022 21:37:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4318
date
Mon, 12 Sep 2022 20:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 12 Sep 2022 22:25:32 GMT
92f5ae10-79bd-0137-5653-06659b33d47c
tag.simpli.fi/sifitag/ 		0
0
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=tegna/krem-redesign-desktop/202208042052&cb=1663018650326
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.216.220 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Mon, 12 Sep 2022 21:37:30 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Mon, 12 Sep 2022 21:47:30 GMT
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.119.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-119-113.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:22:44 GMT
content-encoding
br
age
51287
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
EWR52-C3
content-type
application/x-javascript
x-amz-cf-id
OxmNNWgrnhWiIvhf8azzw2tGMgDEdwCy_TaCAFQnlhw8zr0ewTWf6w==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 11:00:45 GMT
server
cloudflare
age
1431
etag
W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
749bc8e4c97a7156-YUL
x-amz-request-id
YZJBPEQ7VMQ1D2MM
x-amz-id-2
dA3qpjCNQNr+M/A/o0QbA4zcwPbBMzgAg0MKlys6GCEtRTTZWQl7oRWE2d7SilKLxGO2pJblfXo/1TvwBnDAVg==
pmk-202010011.25.js
widget.perfectmarket.com/tegna-network1/ 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/tegna-network1/pmk-202010011.25.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/tegna-network1/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84407c6f08c25295974f2fd83d9c545b13644b8205d99a6292ed830f1dd355c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
Qo1peYYTtyvIaeuKpWGoOm.0ZpWkI.aq
content-encoding
gzip
etag
"30d8b753a81910685fdcc47dbd0b792e"
age
25795866
x-cache
HIT, HIT
content-length
31156
x-amz-id-2
bEPmH6lD3VC7kN0c5+UgPGt0th6sCRxEeZX5IqdZ9N7Jh9M0nZVDPTidLh0QXKZQE4QBsa68dkg=
x-served-by
cache-sna10730-LGB, cache-yul12830-YUL
last-modified
Mon, 27 Sep 2021 04:50:58 GMT
server
AmazonS3
x-timer
S1663018650.345935,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding,,
x-amz-request-id
WZZ2N5CCQ1HMMJQ0
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
33520, 6864
pbfs.gif
tagger.opecloud.com/simplifi/
Redirect Chain
  • https://tagger.opecloud.com/tegna/v2/pixel.gif?url=https%3A%2F%2Fwww.krem.com%2F&ref=&tref=&tz=0&screen=1600x1200x24&visiturl=https%3A%2F%2Fwww.krem.com%2F&uspstatus=uspoptoutsalenoconsent&e=%5B%7B...
  • https://tagger.opecloud.com/tegna/v2/pixel.gif?e=%5B%7B%22pageType%22%3A%22index%22%2C%22section%22%3A%22home%22%2C%22callLetters%22%3A%22KREM%22%2C%22siteId%22%3A%22293%22%2C%22platform%22%3A%22de...
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-d4MbwwL%2BtzdywBaRgCof3H8%2FxVE%2F1To%3D&source=tegna
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-d4MbwwL%2BtzdywBaRgCof3H8%2FxVE%2F1To%3D&source=tegna&google_tc=
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-d4MbwwL%2BtzdywBaRgCof3H8%2FxVE%2F1To%3D&source=tegna&google_gid=CAESEC9JYtLv-zAHwmXjBK9o_yY&google_cver=1
  • https://um.simpli.fi/1plusx?state=2-OHyD%2BKG8%2Bw7oCEnRb%2FwuAq%2FzKVj08sA%3D&source=tegna
  • https://tagger.opecloud.com/simplifi/pbfs.gif?puid=0F544501480B4ED1A98BD63E61B44B8D&state=2-OHyD%2BKG8%2Bw7oCEnRb%2FwuAq%2FzKVj08sA%3D&source=tegna
35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tagger.opecloud.com/simplifi/pbfs.gif?puid=0F544501480B4ED1A98BD63E61B44B8D&state=2-OHyD%2BKG8%2Bw7oCEnRb%2FwuAq%2FzKVj08sA%3D&source=tegna
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
35.156.34.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-34-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
x-content-type-options
nosniff
server
openresty
location
https://tagger.opecloud.com/simplifi/pbfs.gif?puid=0F544501480B4ED1A98BD63E61B44B8D&state=2-OHyD%2BKG8%2Bw7oCEnRb%2FwuAq%2FzKVj08sA%3D&source=tegna
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:31 GMT
b
sb.scorecardresearch.com/ 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663018650341&ns_c=UTF-8&c7=https%3A%2F%2Fwww.krem.com%2F&c8=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&c9=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
zBsrvowCy3JpD2J-TaEdYSDr13L-u1P6UE8Pp5t9SNo0kc_mhNqFGg==
x-cache
Miss from cloudfront
json
trc.taboola.com/tegna-krem/trc/3/ 		88 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tegna-krem/trc/3/json?tim=21%3A37%3A30.372&lti=deflated&data=%7B%22id%22%3A540%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662998168912%2C%22vi%22%3A1663018650370%2C%22cv%22%3A%2220220912-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221YNY%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5171%2C%22nsid%22%3A%22tegna-network1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-o%3Apub%3Dtegna-network1%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Main%20Column%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Main%20Column%20Thumbnails%22%2C%22cd%22%3A4097.21875%2C%22mw%22%3A1140%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Main%20Column%20Thumbnails%3Dthumbnails-o%3Apub%3Dtegna-network1%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cbe1d2471825f42f02126ad100e6d2c9826b1518454f083c608a299b3a568a21

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
542
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
server
nginx
x-timer
S1663018650.392040,VS0,VE542
x-served-by
cache-yul12831-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
reload
www.google.com/recaptcha/api2/ Frame BAB8 		39 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e80c069425cf656ae0f04568d76ce7cc5898cf550a02d1253861f19c39cd1c8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24298
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:37:30 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
1885898359398d90bb99d5aed959fba805f143cd1474253531a5298f58eb53c2

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:29 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72904025-1&cid=1086046727.1663018650&jid=515825383&gjid=1611105747&_gid=2101824895.1663018650&_u=YGBAgAABBAAAAE~&z=549333948
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Sep 2022 21:37:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=348046418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.krem.com%2F&ul=en-us&de=UTF-8&dt=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABB~&jid=515825383&gjid=1611105747&cid=1086046727.1663018650&tid=UA-72904025-1&_gid=2101824895.1663018650&cd5=index&cd10=https%3A%2F%2Fwww.krem.com%2F&cd14=Spokane%2C%20WA&cd15=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com&cd19=home&cd27=false&cd30=false&cd33=desktop&cd35=https%3A%2F%2Fwww.krem.com%2F&cd36=index&cd39=false&cd45=Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com&cd47=0&cd49=KREM&z=387727053
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 12:45:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31945
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-52.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 07:37:15 GMT
via
1.1 bae9b5cf91e37b01cfae8886aa7bf606.cloudfront.net (CloudFront), 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
age
50415
x-amzn-requestid
a3e94409-1c7f-4eef-b18a-1aedc1b35a23
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-631ee1ab-0d9baec76e32ce432b3a664e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD55-P4, EWR53-P1
x-amz-apigw-id
YVgyzFJeDoEFpBA=
content-length
30
x-amz-cf-id
NT8pUpsB1VS3EpZTGs1cc-QvMGvKlxNwntl-c2J6IqkXG8EEdXx2Cw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame BAB8 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 11:25:58 GMT
x-content-type-options
nosniff
age
555092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 13 Sep 2022 11:25:58 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame BAB8 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 01:09:05 GMT
x-content-type-options
nosniff
age
246505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 17 Sep 2022 01:09:05 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame BAB8 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:25:16 GMT
x-content-type-options
nosniff
age
191534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 17 Sep 2022 16:25:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAB8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 11:41:34 GMT
x-content-type-options
nosniff
age
554156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAB8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 06:12:55 GMT
x-content-type-options
nosniff
age
314675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 09 Sep 2023 06:12:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAB8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
payload
www.google.com/recaptcha/api2/ Frame BAB8 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06ANYolqsqSHiOV6BoKWqXJEu9mxRpkPkup3QApdXZWcO7HT75tp7t04DI0BemIYvLRyZeoYaHrf4bDf_wEU7d-e1YSj-Acrr5iuHfbNBBmmOFNPtldn-gQpZoXCaDtJMUYIkB3dIb_rsE_w2mIBUUOFJOsVA3KGOYMJTOb-X4pOG931dJcxWrNT-k86My8DoBR2pDkUTcQZm3RElx5XILuqtmOean_nk6fw&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed7f26ed6ad4423e3a8bd3184c87c613719f395393c22a62871869670b6a402a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6LdhZY8UAAAAANQxx8Y6_JJZSJtONlMiM_yiKTah
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21732
x-xss-protection
1; mode=block
expires
Mon, 12 Sep 2022 21:37:30 GMT
live-31_01371.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		535 KB
536 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01371.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2bb43f2b5ebee89480723c12e775778897acf6a62060d2a264179866b390d46b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Akamai-Path-Timestamp
i=1663018627.733;xi=1663018627.753;xo=1663018629.555;s=1663018629.628;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018627.739
Content-Length
548208
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:07 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535958
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:36:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72904025-1&cid=1086046727.1663018650&jid=515825383&_u=YGBAgAABBAAAAE~&z=786878940
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72904025-1&cid=1086046727.1663018650&jid=515825383&_u=YGBAgAABBAAAAE~&z=786878940
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
72a3a9ee-05dc-432c-956c-1fb306b42fd2
https://www.krem.com/ 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.krem.com/72a3a9ee-05dc-432c-956c-1fb306b42fd2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
524cc652a805b8988047b0fba23da52e0d059e8fbd6fb24933c6bd30a871af9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
81463
Content-Type
text/javascript
bid
c.amazon-adsystem.com/e/dtb/ 		224 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=0&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_universal%22%2C%22s%22%3A%5B%221140x250%22%2C%221140x600%22%2C%22970x250%22%2C%22728x90%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_universal%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
101917a8e7bbf5a3b3efa6b55482953cd2b66244d18826544fd265cc9ea9760f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
ZAGXPZZDDJ00TDTCFYNY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
224
x-amz-cf-id
tthqp7KO-DAKvfjH38aO3KX9k_tMcuG6fNV_7awrsq2DwOAo7m27sg==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		224 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=1&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22masthead_sponsor%22%2C%22s%22%3A%5B%22112x38%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Fmasthead_sponsor%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
d2afcc83c9ccebf5a65be4b7df246cb0b3e12eda2ad01a58203e7a8b9ea42cda
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
7K0GZV5CTDEE1VY795GC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
224
x-amz-cf-id
TkKCwLQxZKnCxRdfAMAhreXlD2jkv8iQ7cRRCLwhSsiQIVQV_tAnSg==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		224 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=2&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22exit_interstitial_display%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Fexit_interstitial_display%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e26cb87b85034491ec908ba9123151eb055af496fa57facbf732e6a51093c4ee
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
PSJ7QRTRJT6WJP986G8X
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
224
x-amz-cf-id
7dY0871n6ooHTSbCPL7L5Gw9wTHPh4TaXR9gLW3p34b0HhVppZKYXg==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		36 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645685&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22349b22ffa5428b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b69ed98a9338c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645685%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22645685%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be9c0db85b0ec582c023f514537652ffc57435b2e05f5b174bf0916482210ca1

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEIPlD3tbEyyg2%2Fhs5RZXDp2l4jRpo%2Fu0o1McRTMUJmMlA9t9dr5WUbEijK%2BFiMa2lFQs2jEh9oZsP3bqb%2BKJpLWMt%2BDgf9eIFCbjcrT0m3LkXoRSvaA99hv1bt2%2FoD9gKjRO682"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc8e74ab2a235-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=43939017984
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
Wy-eUbXC3Tp42Kwe0d-iOkctLkSele4OiEYZFFfLV29oQfKAxZFCyg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
e.serverbid.com/api/ 		16 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
v1
btlr.sharethrough.com/universal/ 		590 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
952ba4adc4b70f62795f966e6703cb95a4ce7efa24db0db8123457960e7ebd08

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
406
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018650719&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bid
c.amazon-adsystem.com/e/dtb/ 		224 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=3&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_atf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_atf%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
2736ed3ceff4234abe41c094fd96ff44fcc4b27e42479fb1485ba931bad90f2f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
ES75MHJ5R1293JJ1AW8K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
224
x-amz-cf-id
vdM9W40XKlKKypVTD1yd2W81oN4YFews-Au1munXLlc3fsbhn0oIgQ==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		224 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=4&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_high_impact%22%2C%22s%22%3A%5B%221x1%22%2C%221x2%22%2C%22728x90%22%2C%22960x66%22%2C%22970x66%22%2C%22970x90%22%2C%22970x250%22%2C%221140x286%22%2C%221140x600%22%2C%221140x635%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_high_impact%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
a6cbdbab9f2d1b6844d55a59d7d9d391a33f69f2bf07e9ef93936bbe8cec78a7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
RGYK745PV2AVP8B0CMGH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
224
x-amz-cf-id
47jmfHCN6p8cdFALmlSpXqfKZp4oAcZ6eG50El-6gCPPfzf55K-zJQ==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018650741&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.undertone.com/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
ZngxHvnkI6uyF82kdohfT1NP9Stllw4nL78iP1obrDy5dmhKjQLlEQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645675&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224eb1f2087259a4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22256aa9fe7768a91%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645675%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4737a3f0a700f88914d3934681339c4a66bda5892eca4d5179be5a600634fec7

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fAQHs53vfFwEbmWLkR6K3eMKb15%2FvVgtqhP7l2ikhBHwsf6SDUa19h8Eyawiz5DqnyfhwxDc8QfNw0PB0RI4SOommZM6gpD2Xd9bzVVC1C9KeCoFi8FH76PQ6jrsZoJrzxFgooB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc8e74ab6a235-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v2
e.serverbid.com/api/ 		16 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=18664107265
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		744 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
8d5905d56eaddfcfd2ad9010e85e0a9f26f4c83619904f720458221a3cb20892

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
465
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
accept-ch
sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
fa991ac885bc28ef5e6b507226f33cbe1440b900f392889fad55c8233c492c70

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
725
cygnus
htlb.casalemedia.com/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645678&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2236bb236da471fac%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2237faa8a198e0245%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22645678%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22645678%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645678%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30310e3eb203e5a03b6a7e02501555707bb3cc566181ac8627e9e81ade02a350

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBi9ry1G5vP6vMkG4eBoYqC4O1X6zWQZ71oGMKC9%2F5vFjOGRvmxIkijqLj82p1dvtPVXx%2Bzt6Uc1E3umUqHiCVY773VP%2FqiLbYpcZaWy6HDYddWNutqzsMy9n19hllc1Xkj2LBqC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc8e74ab4a235-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=15288934438
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
hb.undertone.com/ 		0
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
5azb48Uh7kMfmag4ZoO-1hjf3pcGknG4WKAutgTeyFwA8Bbi1d-fvA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		636 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
7157f95ac60255fd0b3a4313619f99df621b30aa2367b4e40c58d1829403c3f1

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
433
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018650756&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
688.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/688.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
12eaf12ad06a7495a5b4a115419a07496ffa59392719ca44fe14e5dbb55fc494
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
live-31_01372.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		502 KB
503 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01372.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6f011768d084149789c6539aa4371a66b160bcf6bbcc2070bfee3074491f0fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Akamai-Path-Timestamp
i=1663018633.734;xi=1663018633.750;xo=1663018635.045;s=1663018635.112;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018633.736
Content-Length
514368
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:13 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535944
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:36:34 GMT
live-31_01373.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		531 KB
532 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01373.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7441ad18eef773549975f65ce556417437960880e120ad41d54a67fbe3b23c3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Akamai-Path-Timestamp
i=1663018639.742;xi=1663018639.762;xo=1663018641.594;s=1663018641.670;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018639.747
Content-Length
543884
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:19 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535993
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:37:23 GMT
live-31_01374.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		546 KB
547 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01374.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d020750646e6e36a1d543e66c28b7a2c2eb8b7382693706f7112acadee39f57

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:30 GMT
Akamai-Path-Timestamp
i=1663018645.746;xi=1663018645.762;xo=1663018647.648;s=1663018647.732;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018645.749
Content-Length
559488
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:25 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535948
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:36:38 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.4/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42563be911565fd363167dff5b610f5ee8a1906d1a8f6a25ec9e4f7183ecf240

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:30 GMT
via
1.1 33c5e667811ab5c0b32f883d38ab0a84.cloudfront.net (CloudFront), 1.1 varnish
age
570596
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
30376
x-served-by
cache-yul12831-YUL
last-modified
Tue, 06 Sep 2022 07:06:43 GMT
server
AmazonS3
x-timer
S1663018651.978054,VS0,VE0
etag
"bb32c4047dcba4a14695639e75de7712"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
6gt4Mq3t5hmAjbH5V8oc1yIh-DpP76N8me5iMPbrhlSVmC8YrhELSg==
x-cache-hits
77117
feed-card-placeholder.20220912-34-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220912-34-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11e9a4537ecd77e88b370181e85f35beb65df2ad974b3327a760e3bbcf3e7622

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
.AitXRu8K4eyC_6yoDszk8IXAbheQRCn
content-encoding
gzip
etag
"f1f85ba4aa651bc50ca066be38b9b2f5"
age
20604
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
hwO4dHEGdmMJdJFCx0svA/Mh0QihUvxeLOC4YQa48n/LGy+S+wMAhjDmVGuJyfXqMUg4Mri3ub8=
x-served-by
cache-yul12831-YUL
last-modified
Mon, 12 Sep 2022 15:53:43 GMT
server
AmazonS3
x-timer
S1663018651.978003,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding
x-amz-request-id
ZHW1RFP1HJHZ4ZPV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
8
x-cache-hits
35268
378bb21d-a3d2-4980-8fd5-211a8b92e61f.css
cdn.taboola.com/static/37/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/37/378bb21d-a3d2-4980-8fd5-211a8b92e61f.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41bf82b7fcf28ff777e3ee2735df3763a0424d119ce578645e32af670db9699

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
sOSE6KZxaKkHEKpOUZS9dUpkWzvnpLNh
content-encoding
gzip
etag
"de94e1d7365c8ca777e6a488bc365087"
age
6629
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
731
x-amz-id-2
meGg3oZtpNGNDFkSmNuB2Od20ZjR+HcE+IzSouTufARcgB5g69P0+j+6h40OsH9O1iyC+t8XyHI=
x-served-by
cache-yul12831-YUL
last-modified
Tue, 23 Jan 2018 13:15:44 GMT
server
AmazonS3
x-timer
S1663018651.981568,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding
x-amz-request-id
5QCWH88NWJ0HNFGE
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
text/css
abp
8
x-cache-hits
10
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
58
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
mNc0QtgGEk5fjAEs86GntrS7BlEyDR/AohLDyBTk/uNsgQOkRrtnlEkJn1cYLIkWHL896HRkEbs=
x-served-by
cache-yul12831-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1663018651.981873,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
3FDSYTBK3X1PQKQQ
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
8
x-cache-hits
1588
userx.20220912-34-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220912-34-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7aab757e2070b49383573d06e611b14aef47a68f97808c4510381adf87aa0730

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
QMBie9MlDyLXWuzuhlt9noTtlBIicMuc
content-encoding
gzip
etag
"56c5b3c3f2233e7732172ac8f86d97d7"
age
20306
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
PTS8pU191keosoNcZecODsjwdfvtcsALLPyemGEhdAvsIc9JKLrj62hM7dCzb+aes/Nxc4Xs/8I=
x-served-by
cache-yul12831-YUL
last-modified
Mon, 12 Sep 2022 15:56:29 GMT
server
AmazonS3
x-timer
S1663018651.998238,VS0,VE0
date
Mon, 12 Sep 2022 21:37:30 GMT
vary
Accept-Encoding
x-amz-request-id
BDNTDG7QNRWNFFE2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
8
x-cache-hits
25566
debug
us-trc-events.taboola.com/tegna-krem/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/tegna-krem/log/2/debug?tim=21%3A37%3A30.970&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=9957&cv=20220912-34-RELEASE&lt=deflated&pct=1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18482
debug
us-trc-events.taboola.com/tegna-krem/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/tegna-krem/log/2/debug?tim=21%3A37%3A30.971&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=5396&cv=20220912-34-RELEASE&lt=deflated&pct=1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18482
social
us-trc-events.taboola.com/tegna-krem/log/3/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/tegna-krem/log/3/social?route=US:US:V&lti=deflated&ri=1c7583401cf22f3226c5b86ff1a73053&sd=v2_6bd6d3f74de46a6e6c43b9ff4d2c9c68_38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a_1663018650_1663018650_CIi3jgYQqaw_GIKWi52zMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjg0Mbs38-HxldwAQ&ui=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&pi=/&wi=-5107484169175870262&pt=home&vi=1663018650370&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.krem.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Spokane%27s%20Leading%20Local%20News%3A%20Weather%2C%20Traffic%2C%20Sports%20and%20more%20%7C%20Spokane%2C%20Washington%20%7C%20KREM.com%20%7C%20krem.com%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=21%3A37%3A31.026&id=9307&llvl=2&cv=20220912-34-RELEASE&
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
124f4da8104d8dc0b52f20a861a6f588.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/124f4da8104d8dc0b52f20a861a6f588.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef19081a99395e5f8d62012f1afe053640256cdcdde6c92468c3e3c4e6c27b4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
441919
edge-cache-tag
596015924768760811873262455669709624381,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
cache-tag
596015924768760811873262455669709624381,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
483
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/124f4da8104d8dc0b52f20a861a6f588.jpg
content-length
17646
x-request-id
ca7b8e7b3d54b3e623b51c903579b5bd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Tue, 06 Sep 2022 12:56:38 GMT
server
nginx
x-timer
S1663018651.071646,VS0,VE2
etag
"9020232d1a8ffd84f93e560ff1d29e8f"
x-served-by
cache-iad-kiad7000146-IAD, cache-iad-kcgs7200162-IAD, cache-sna10750-LGB, cache-iad-kjyo7100169-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
11.-DARYL-KATZ-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www3.forbes.com/wp-content/uploads/2020/04/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www3.forbes.com/wp-content/uploads/2020/04/11.-DARYL-KATZ-1.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5dbecd08aaddade91c15bdebefddf7f9300ee4110978f4907a8a1b8b1a8ff5fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
2404869
edge-cache-tag
323146923731702009472735952844330094588,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
cache-tag
323146923731702009472735952844330094588,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
196
expiration
expiry-date="Fri, 26 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www3.forbes.com/wp-content/uploads/2020/04/11.-DARYL-KATZ-1.jpg
content-length
8302
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 26 Jul 2022 09:05:51 GMT
server
nginx
x-timer
S1663018651.071655,VS0,VE0
etag
"6988c6594baa6faa82454e5bc8e330af"
x-served-by
cache-iad-kcgs7200049-IAD, cache-iad-kjyo7100051-IAD, cache-sna10750-LGB, cache-iad-kcgs7200033-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 5
895cdd821ef8fb82bc73d28e6c5c9471.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/895cdd821ef8fb82bc73d28e6c5c9471.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0891a9c5e3d016072c695fdde85edb2d2287f37d28ea2be103b0b2736df4d84a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
4949980
edge-cache-tag
338781684265224517909661984995351499085,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
cache-tag
338781684265224517909661984995351499085,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1225
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/895cdd821ef8fb82bc73d28e6c5c9471.jpg
content-length
20926
x-request-id
66d4260b3b85532b583c009df8037eb6
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sat, 16 Jul 2022 17:39:30 GMT
server
nginx
x-timer
S1663018651.071628,VS0,VE2
etag
"10b3f539da2c967266386e2d07aa2457"
x-served-by
cache-iad-kiad7000155-IAD, cache-iad-kjyo7100152-IAD, cache-bur-kbur8200125-BUR, cache-iad-kjyo7100052-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
925d3cae4d45bc4f512e28af6b16f141.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/925d3cae4d45bc4f512e28af6b16f141.jpeg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e067459bd03478aaa96ef1ab08cfa1232562e8448770df7a149317415039ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
519775
edge-cache-tag
345209742483227158261593286527984426714,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
cache-tag
345209742483227158261593286527984426714,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
3687
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/925d3cae4d45bc4f512e28af6b16f141.jpeg
content-length
51898
x-request-id
fedd1eee0b0b023a3ba44e26fb0720fc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 06 Sep 2022 20:40:14 GMT
server
nginx
x-timer
S1663018651.072195,VS0,VE0
etag
"cadc6e9d8b6b458c571583c9e97e99f0"
x-served-by
cache-iad-kiad7000037-IAD, cache-iad-kjyo7100114-IAD, cache-chi-klot8100115-CHI, cache-iad-kiad7000052-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 3122
a53730df0fbe1e7ef77833b9d639e254.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a53730df0fbe1e7ef77833b9d639e254.jpeg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fac9be34606c02015807b30f40c2cf0bd1f99b0da18cab68b0891b4198b3fd66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
3573659
edge-cache-tag
543806118800846545784464066503326267229,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
cache-tag
543806118800846545784464066503326267229,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
241
expiration
expiry-date="Mon, 29 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a53730df0fbe1e7ef77833b9d639e254.jpeg
content-length
42828
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 29 Jul 2022 14:32:51 GMT
server
nginx
x-timer
S1663018651.071642,VS0,VE0
etag
"54a55e560c411f2b45b0d2276e509db2"
x-served-by
cache-iad-kcgs7200069-IAD, cache-iad-kiad7000154-IAD, cache-sna10746-LGB, cache-iad-kiad7000024-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 5
a228bf42c733d97eb39b3f27fa61d437.jpeg
images.taboola.com/taboola/image/fetch/h_245,w_440,c_fill,g_xy_center,x_437,y_266/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_245,w_440,c_fill,g_xy_center,x_437,y_266/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a228bf42c733d97eb39b3f27fa61d437.jpeg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ddc7e5655ecdbc13976ff2cea2e8d9b03c3c19799aea8192023c955c390890f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
7595879
edge-cache-tag
490553155331671799185294438360068835590,464911941188642892170376756312006009306,29ecf9b93bbf306179626feeda1fab70
cache-tag
490553155331671799185294438360068835590,464911941188642892170376756312006009306,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
46
expiration
expiry-date="Fri, 24 Jun 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_245,w_440,c_fill,g_xy_center,x_437,y_266/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a228bf42c733d97eb39b3f27fa61d437.jpeg
content-length
14846
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 24 May 2022 02:38:13 GMT
server
nginx
x-timer
S1663018651.072634,VS0,VE0
etag
"c94bf07af93fba4a177fe316d98df1e4"
x-served-by
cache-iad-kcgs7200047-IAD, cache-iad-kjyo7100071-IAD, cache-chi-kigq8000027-CHI, cache-iad-kcgs7200036-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 220
a57193a46caaa1428383da38c5f256b3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a57193a46caaa1428383da38c5f256b3.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c125ba7b20c741ae39f933cc99aa056fddfb3a6ffa0870148e38dc9c4930f6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
531414
edge-cache-tag
298087165207406182127059402500291592765,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
cache-tag
298087165207406182127059402500291592765,540013304239534656238456105590696977722,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
141
x-cache
MISS, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a57193a46caaa1428383da38c5f256b3.png
content-length
11702
x-request-id
ab72eda46192c40fc13807729d5967d2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 05 Sep 2022 11:44:16 GMT
server
nginx
x-timer
S1663018651.116167,VS0,VE1
etag
"d85864a2cf8e82d94673d7dfc9d98154"
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kjyo7100040-IAD, cache-chi-kigq8000032-CHI, cache-iad-kcgs7200051-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
648f6030f631e1a3e0be3519a121abf9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/648f6030f631e1a3e0be3519a121abf9.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20d23ba20cc59ab7945552b0e03ed0f7e5f2e548e546fee028a4db0cd6ff41f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
5979808
edge-cache-tag
432522569507906781793134825095645960921,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag
432522569507906781793134825095645960921,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
42
expiration
expiry-date="Thu, 07 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/648f6030f631e1a3e0be3519a121abf9.jpg
content-length
15804
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 06 Jun 2022 19:38:50 GMT
server
nginx
x-timer
S1663018651.116990,VS0,VE1
etag
"1f769be3f1b2ecff44950d441ab62e56"
x-served-by
cache-iad-kjyo7100152-IAD, cache-iad-kcgs7200035-IAD, cache-chi-kigq8000039-CHI, cache-iad-kiad7000164-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
ecc87a9e77cc1ec1eacb620833c89bc8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ecc87a9e77cc1ec1eacb620833c89bc8.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16f4c9b7e8034ebc491786b863309b794c6ac9b0da67daaa9e9d142c8d68b89b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
1845855
edge-cache-tag
544905988180311333113199222737713205234,301357617025449185841900537448619923022,29ecf9b93bbf306179626feeda1fab70
cache-tag
544905988180311333113199222737713205234,301357617025449185841900537448619923022,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
678
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ecc87a9e77cc1ec1eacb620833c89bc8.jpg
content-length
18672
x-request-id
4a2efe468be450aa31567649d0db5efd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 18 Aug 2022 08:52:23 GMT
server
nginx
x-timer
S1663018651.118526,VS0,VE1
etag
"4b6ad1f0fbb08e663e8ad5df2da3ec50"
x-served-by
cache-iad-kiad7000035-IAD, cache-iad-kjyo7100039-IAD, cache-sna10749-LGB, cache-iad-kjyo7100077-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
41d53fe912f0a61867b14bad9a0dbe78.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/41d53fe912f0a61867b14bad9a0dbe78.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b93d936b09e1c858ab10da8d45569bd1958e5b25f15eccd52858fa2178550581

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
3044706
edge-cache-tag
390166115985705841554845168263181871092,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
cache-tag
390166115985705841554845168263181871092,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
150
req-referer
https://www.kgw.com/
x-cache
MISS, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/41d53fe912f0a61867b14bad9a0dbe78.png
content-length
19006
x-request-id
7685e563cfe3863797d13bd8e53e11cb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sun, 31 Jul 2022 00:27:37 GMT
server
nginx
x-timer
S1663018651.118498,VS0,VE1
etag
"df8baa82c46e1213df19d54ccbbbebbe"
x-served-by
cache-iad-kiad7000114-IAD, cache-iad-kjyo7100131-IAD, cache-lga21928-LGA, cache-iad-kjyo7100152-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
1ad7de40be71ffea21ff86933ed29994.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ad7de40be71ffea21ff86933ed29994.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f5c16bd3d388a235c72c2305e4730db931061938926ac7e43aa460b6d399a18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
631941
edge-cache-tag
577727792899738969581702979241474929494,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag
577727792899738969581702979241474929494,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1527
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ad7de40be71ffea21ff86933ed29994.jpg
content-length
7182
x-request-id
b9a8192ba7063b00486bc711411562af
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 05 Sep 2022 10:55:24 GMT
server
nginx
x-timer
S1663018651.118488,VS0,VE1
etag
"a9da232018aa9a25992c71792de2f7f4"
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100089-IAD, cache-chi-klot8100026-CHI, cache-iad-kiad7000125-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
083c15c681909d175670a1c5b83b46af.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/083c15c681909d175670a1c5b83b46af.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b9f4c5bbbd62caf717e9c06835b800a203ae49ca9d4fedce99a42e9913c3812

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
3554660
edge-cache-tag
457226403568797556716024843994388863047,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag
457226403568797556716024843994388863047,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
70
expiration
expiry-date="Fri, 19 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/083c15c681909d175670a1c5b83b46af.jpg
content-length
8870
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 19 Jul 2022 18:39:05 GMT
server
nginx
x-timer
S1663018651.118465,VS0,VE0
etag
"22411804112a1453416e7fdaf0198a3e"
x-served-by
cache-iad-kcgs7200082-IAD, cache-iad-kiad7000141-IAD, cache-lga21969-LGA, cache-iad-kiad7000110-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 6
3beb1cbf0ef1a27de6e7d77a7787dd5d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3beb1cbf0ef1a27de6e7d77a7787dd5d.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ed5a82a0d155e5c8dfa3083247c02088a3e2dcccc2c2fe1493919f9ab5d0952

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
4604358
edge-cache-tag
591518918629634741277687926542920709055,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
cache-tag
591518918629634741277687926542920709055,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
64
expiration
expiry-date="Sun, 24 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3beb1cbf0ef1a27de6e7d77a7787dd5d.jpg
content-length
8864
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 23 Jun 2022 09:38:02 GMT
server
nginx
x-timer
S1663018651.129217,VS0,VE1
etag
"2a8f181f96a107e7afb872847cfa2876"
x-served-by
cache-iad-kcgs7200059-IAD, cache-iad-kiad7000086-IAD, cache-lga21965-LGA, cache-iad-kiad7000172-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 2, 1
4e8302f7-ef54-4d97-b65b-7e0eb54a6ed1_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.krem.com/assets/KREM/images/4e8302f7-ef54-4d97-b65b-7e0eb54a6ed1/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.krem.com/assets/KREM/images/4e8302f7-ef54-4d97-b65b-7e0eb54a6ed1/4e8302f7-ef54-4d97-b65b-7e0eb54a6ed1_1140x641.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0132527390be1574aa87ca893255bc9e782492897b2b9c861c5ef8c1b195ffc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
34
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
351723
edge-cache-tag
507889640716720280840471712123414598317,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
cache-tag
507889640716720280840471712123414598317,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1052
x-cache
MISS, MISS, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.krem.com/assets/KREM/images/4e8302f7-ef54-4d97-b65b-7e0eb54a6ed1/4e8302f7-ef54-4d97-b65b-7e0eb54a6ed1_1140x641.jpg
content-length
34768
x-request-id
5686da514fd1951ab664edb9a789a31c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 08 Sep 2022 19:50:23 GMT
server
nginx
x-timer
S1663018651.137882,VS0,VE34
etag
"2cd67ed12370c8ecacc697a9a2f9db38"
x-served-by
cache-iad-kjyo7100139-IAD, cache-iad-kiad7000042-IAD, cache-chi-klot8100034-CHI, cache-iad-kiad7000032-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 0
b533d065-0107-4659-a4a6-2423eafd0ced_1140x641.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.krem.com/assets/KGW/images/b533d065-0107-4659-a4a6-2423eafd0ced/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.krem.com/assets/KGW/images/b533d065-0107-4659-a4a6-2423eafd0ced/b533d065-0107-4659-a4a6-2423eafd0ced_1140x641.jpg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ae607602dde3f97af0951b6c1ee7ea9eb06ec6b4e9d89fe9065db8c9ccd4087

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 varnish, 1.1 varnish
age
330370
edge-cache-tag
448101784830486485036365047228818356258,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
cache-tag
448101784830486485036365047228818356258,441326658986685637957213755838494944928,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
654
x-cache
MISS, MISS, MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_378%2Cw_680%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.krem.com/assets/KGW/images/b533d065-0107-4659-a4a6-2423eafd0ced/b533d065-0107-4659-a4a6-2423eafd0ced_1140x641.jpg
content-length
16026
x-request-id
fd7af33f295c51cad14c639a91bf33eb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 09 Sep 2022 01:38:53 GMT
server
nginx
x-timer
S1663018651.138120,VS0,VE19
etag
"ee0df8cae6c1c6c9419ac412fdaedf49"
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kiad7000046-IAD, cache-chi-kigq8000139-CHI, cache-iad-kjyo7100115-IAD, cache-yul12831-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AAD7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40305
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4988f3a131ed7f2d201b4e74ef5bf14ab237a421096487c9ac45b34a19404a60

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:31 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 12 Sep 2022 21:37:31 GMT
location
/sync?us_privacy=1YNY&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
2000210.html
sync.serverbid.com/ss/ Frame 1F63 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfbebe61b59d122f656a1e968a56f023bae266057f6138950214a971dd9ae620

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53569
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 06:44:43 GMT
etag
W/"e0a2ffda3ba4c2e59fae557b277a7f63"
last-modified
Sun, 11 Sep 2022 17:21:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
x-amz-cf-id
RgjgBkwRIz8_X2vXKHwOm6anpCs50PTiq20FcZdlISpsGJOIDvPERg==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
check.html
biddr.brealtime.com/ Frame A4EB 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
3983
CF-Cache-Status
HIT
CF-RAY
749bc8e9ea698c7d-EWR
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 12 Sep 2022 21:37:31 GMT
Expires
Mon, 12 Sep 2022 22:37:31 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
FcmrJ//FXPhOzCJxosf3rECtkg2kUmB7JIX2XYhWKwAQKS9MZ4r/yfkL7tgxbuiaYLIuIQdASUI=
x-amz-request-id
VDDD90BHT5GBQC4S
ixmatch.html
js-sec.indexww.com/um/ Frame EB79 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 21:37:31 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
2000210.html
sync.serverbid.com/ss/ Frame C4B4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfbebe61b59d122f656a1e968a56f023bae266057f6138950214a971dd9ae620

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53569
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 06:44:43 GMT
etag
W/"e0a2ffda3ba4c2e59fae557b277a7f63"
last-modified
Sun, 11 Sep 2022 17:21:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
x-amz-cf-id
IuCvJg_SwGQmzEZN9R7Q9uKPYol7G6pg-pv_Ui93Ehfc2ZuWpw68xg==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
check.html
biddr.brealtime.com/ Frame 2734 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
3983
CF-Cache-Status
HIT
CF-RAY
749bc8e9ee7d8c12-EWR
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 12 Sep 2022 21:37:31 GMT
Expires
Mon, 12 Sep 2022 22:37:31 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
FcmrJ//FXPhOzCJxosf3rECtkg2kUmB7JIX2XYhWKwAQKS9MZ4r/yfkL7tgxbuiaYLIuIQdASUI=
x-amz-request-id
VDDD90BHT5GBQC4S
sync
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4988f3a131ed7f2d201b4e74ef5bf14ab237a421096487c9ac45b34a19404a60

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:31 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 12 Sep 2022 21:37:31 GMT
location
/sync?us_privacy=1YNY&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync.html
cdn.undertone.com/js/ Frame 9CA1 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:e00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
34290
content-encoding
gzip
content-type
text/html
date
Mon, 12 Sep 2022 12:06:02 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b9bb8c8d0c6ea9da42e05e460c141e76.cloudfront.net (CloudFront)
x-amz-cf-id
O42TXEAZbBkZb1xwtllggZyzpEcSNliV0sTCpE1C9jCGI6EKQg1iOA==
x-amz-cf-pop
EWR52-C3
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame CE4F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 21:37:31 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame EEF7 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
4787
CF-Cache-Status
HIT
CF-RAY
749bc8e9ea9678df-EWR
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 12 Sep 2022 21:37:31 GMT
Expires
Mon, 12 Sep 2022 22:37:31 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
a1sAHjkC1w1O8YnV4L+nwXQ69xQ/LAp8eqN1B1pjo01SXdfkyHPeCfg62J4Prh75SwZt3PA0HEo=
x-amz-request-id
8HFSHYCYBEV7GGYX
2000210.html
sync.serverbid.com/ss/ Frame 519E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfbebe61b59d122f656a1e968a56f023bae266057f6138950214a971dd9ae620

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53569
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 06:44:43 GMT
etag
W/"e0a2ffda3ba4c2e59fae557b277a7f63"
last-modified
Sun, 11 Sep 2022 17:21:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
x-amz-cf-id
n1gphrqSjHIVGIVrVLxqBxoDzDAwu0OF-baEK-pNq6KWW3qhFSjFDQ==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7D6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40305
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame C5F4 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:e00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
34290
content-encoding
gzip
content-type
text/html
date
Mon, 12 Sep 2022 12:06:02 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b9bb8c8d0c6ea9da42e05e460c141e76.cloudfront.net (CloudFront)
x-amz-cf-id
S5LDlXdzXsYiliQKP1br2RgEyz6Szfm-G3NAFsuH7Wkx8iKLaE4oZg==
x-amz-cf-pop
EWR52-C3
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1YNY&
  • https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
4988f3a131ed7f2d201b4e74ef5bf14ab237a421096487c9ac45b34a19404a60

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
458
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:31 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 12 Sep 2022 21:37:31 GMT
location
/sync?us_privacy=1YNY&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BC4D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40305
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 143E 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:e00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
34290
content-encoding
gzip
content-type
text/html
date
Mon, 12 Sep 2022 12:06:02 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b9bb8c8d0c6ea9da42e05e460c141e76.cloudfront.net (CloudFront)
x-amz-cf-id
Vsy7SAN6s85g60DNkIdlzmjRyGT2-GcS0NTAXWu3mm-DkClCbj9Rdw==
x-amz-cf-pop
EWR52-C3
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame A3DC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.248 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-248.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Sep 2022 21:37:31 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sharethrough&us_privacy=1YNY
  • https://creativecdn.com/cm-notify?pi=sharethrough&us_privacy=1YNY&tc=1
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=Qqm1WMvcgGOkNCUxBBU6&pi=sharethrough&us_privacy=1YNY&tc=1
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=Qqm1WMvcgGOkNCUxBBU6&pi=sharethrough&us_privacy=1YNY&tc=1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=Qqm1WMvcgGOkNCUxBBU6&pi=sharethrough&us_privacy=1YNY&tc=1
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT, Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&us_privacy=1YNY&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMlRVN0dQMDBBQUEzVllMa2kydw&gdpr=0&gdpr_consent=&us_privacy=1YNY&bee_sync_partners=pm%2Csyn%2Cpp%2Csas%2Cshr&bee_sync...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csyn%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD2TU7GP00AAA3VYLki2w&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD2TU7GP00AAA3VYLki2w&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cshr%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,shr&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAD2TU7GP00AAA3VYLki2w
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAD2TU7GP00AAA3VYLki2w
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAD2TU7GP00AAA3VYLki2w
Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY&us_privacy=1YNY
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=1YNY&us_privacy=1YNY
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=sharethrough&user_id=17osx15X5LXiVHPVylUJ0
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=840b9800-7fd1-40bd-a695-2bd7ac05ae93&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=840b9800-7fd1-40bd-a695-2bd7ac05ae93&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=840b9800-7fd1-40bd-a695-2bd7ac05ae93&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date
Mon, 12 Sep 2022 21:37:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://c.us1.dyntrk.com/adx/dstct/us.php?dynk=d4s3t4c3t&callback=https://match.sharethrough.com/sync/v1?source_id=d5VvCLuDuN8u3E6oruPETyjE&source_user_id=%USERID%&us_privacy=1YNY
  • https://match.sharethrough.com/sync/v1?source_id=d5VvCLuDuN8u3E6oruPETyjE
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=d5VvCLuDuN8u3E6oruPETyjE
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=d5VvCLuDuN8u3E6oruPETyjE
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sync
ups.analytics.yahoo.com/ups/58280/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=f9631220-0087-4898-b6ea-0659e15676c2&_origin=1&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=f9631220-0087-4898-b6ea-0659e15676c2&_origin=1&us_privacy=1YNY&verify=true
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=f9631220-0087-4898-b6ea-0659e15676c2&_origin=1&us_privacy=1YNY&verify=true
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58280/sync?uid=f9631220-0087-4898-b6ea-0659e15676c2&_origin=1&us_privacy=1YNY&verify=true
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&us_privacy=1YNY
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=807ffc0a
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=807ffc0a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=807ffc0a
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
3Gubrd59Sb2xhJRcEMC4HT2QYdvQqBt83GpLy5zsgI-uvlviUXZBfQ==
pixel
cm.g.doubleclick.net/ 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_dbm&gdpr=0&gdpr_consent=&google_hm=Yjc1ZGZkZTEtYjhjZS00MmY2LThmZTgtZTk0MTdjYmQ5NTRh&us_privacy=1YNY
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58280/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&_origin=1&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58280/sync?uid=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&_origin=1&us_privacy=1YNY&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&_origin=1&us_privacy=1YNY&verify=true
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58280/sync?uid=b75dfde1-b8ce-42f6-8fe8-e9417cbd954a&_origin=1&us_privacy=1YNY&verify=true
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X&us_privacy=1YNY
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=211975278567969
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=211975278567969
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=211975278567969
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
ssbsync.smartadserver.com/api/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
iu3
s.amazon-adsystem.com/ Frame 3428
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
394 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
949999ff27f09352cf096e7cd2174d977228c47ae93acf6c9a63cd154633342c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
394
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 12 Sep 2022 21:37:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W8QXHW4HHDXRS5RE7V75

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Sep 2022 21:37:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WKFTWMR39DN8BTHQCZ7R
wou0q1dvzqajqlxs9slx.mp4
cdn.taboola.com/libtrc/static/video/v1653514843/ 		855 KB
856 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1653514843/wou0q1dvzqajqlxs9slx.mp4
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
383cc7b48a111e1cc1da508a0f4c8f0a3dfce255a83328a76d68932d0bbb7b41

Request headers

Referer
https://www.krem.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ZV3zdfbeIE1eCb1XRE_GIMq1p4jgwfPn
via
1.1 varnish
etag
"b2f3b70f45b3875e2cd2cb83f17a26e4"
age
47
x-cache
HIT
Content-Range
bytes 0-875584/875585
x-amz-replication-status
COMPLETED
Content-Length
875585
x-amz-id-2
C0eJ6XXy+WAmCg8e8bw2waUAQf9QDYRHxvtNqFd3CPwZduiGPhVmKWQsYwTkWyI6sIWJd1TSS7M=
x-served-by
cache-yul12831-YUL
last-modified
Wed, 25 May 2022 21:40:50 GMT
server
AmazonS3
x-timer
S1663018651.118791,VS0,VE1
date
Mon, 12 Sep 2022 21:37:31 GMT
x-amz-request-id
34568Y4JCSRF4BNG
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
8
x-cache-hits
0
9.gif
id5-sync.com/c/688/429/0/
Redirect Chain
  • https://id5-sync.com/i/688/8.gif?id5id=ID5*IPbiz0F205FAwCvkEYIAm2gkd1_o4aX062bXuKc9IVciwPQfqRMd_hYZKCoS9dVM&o=api&gdpr_consent=undefined&gdpr=false
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/688/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F688%2F2%2F7%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/688/2/7/2.gif?puid=6740448256026770921&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/688/3/6/3.gif?puid=20d5631f-a69c-4400-9e92-25efa6b072ff&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/688/429/4/5.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/688/434/3/6.gif?puid=5c63b8fc-35f1-4969-a16b-e4efe07de565&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/688/429/2/7.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F108%2F1%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/688/108/1/8.gif?puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F688%2F429%2F0%2F9.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/688/429/0/9.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/688/429/0/9.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/688/429/0/9.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=2467007223465222&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_high_impact%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C1x2%7C728x90%7C960x66%7C970x66%7C970x90%7C970x250%7C1140x286%7C1140x600%7C1140x635&ifi=1&adks=227989892&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%26pwtsid%3D51febaefbb97b84%26pwtbst%3D1%26pwtecp%3D0.49%26pwtpid%3Dconsumable%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D970x250%26pwtplt%3Ddisplay%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie_enabled=1&abxe=1&dt=1663018651165&lmt=1663018651&dlt=1663018649016&idt=1499&adxs=436&adys=1157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=1140x60&msz=788x60&fws=4&ohw=1600&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85c5556d91b6ff6a9e926a8be1d139c075b2a82d2f7dbfec8ac3c501eae8c2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9781
x-xss-protection
0
google-lineitem-id
5659085183
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345552064
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA7E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=2093841124474303&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cmasthead_sponsor%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=112x38&ifi=2&adks=2393057965&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie_enabled=1&abxe=1&dt=1663018651188&lmt=1663018651&dlt=1663018649016&idt=1499&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=644&ohw=1600&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f0c0c8dce16bb942156ecc7fc060ce5a8804228424ef17d212f86f0681f92bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12299
x-xss-protection
0
google-lineitem-id
6053957011
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138396610983
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=3585968341263181&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cexit_interstitial_display%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&adks=2620037181&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie_enabled=1&abxe=1&dt=1663018651249&lmt=1663018651&dlt=1663018649016&idt=1499&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1201cda3c05b0b9cba26561b85fdab43d24dba74960330269610d0553906618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9548
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=227017832289974&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_universal%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1140x250%7C1140x600%7C970x250%7C728x90%7C1x1&ifi=4&adks=416635853&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie_enabled=1&abxe=1&dt=1663018651303&lmt=1663018651&dlt=1663018649016&idt=1499&adxs=230&adys=30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=1600x-1&msz=1140x-1&fws=516&ohw=1600&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b373ba6150393be9f68785c239df92bc75b03c084d7f9a1e9116ba5a6ef23920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12375
x-xss-protection
0
google-lineitem-id
6070410692
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404107035
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=3925424880981808&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_atf%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=5&adks=1124529942&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie_enabled=1&abxe=1&dt=1663018651382&lmt=1663018651&dlt=1663018649016&idt=1499&adxs=1040&adys=162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=4&ohw=1600&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cc554a1074b21476a1c5183f8d58a59cc61e18fc32c99b3df2c3048a56e1cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9444
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
78944548d2909bc65713ad586777137f5a3725e7eea74ae4d51b41d5edd628b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 21:49:00 GMT
server
nginx
etag
W/"630fd74c-a143"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 21:37:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 706C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq9xzCZFTL_9IIk-dyCgWmE1czU99oWgWXsnm_JK3jw_dbsm8ag_E5f3N8XNex-xZayXfXN5P2lPyy9jBWN8VLune3eXg95dgaHxL-DARpHEJ_PkLMdeshc69YreRitjfkhE_LhEBZQSfVyND6OpgmxzkShyw6MFjep_zKkDVXQAR7Az52-blMzvG7NWdsuokyFkKOkhApCosfd58zbEcfNvInLgZYs8SNHtMs53TeS5Vd_LOfdrVAtKyJ0rhi_kwJs3FOrUoWh6ONAc__Jy8Sv6grjMDYyVUHt_ddylmwyT3gEnBk6o1F5egve0u3OQmfesvo1ulXIrr7krqcLQr1zT2JLBcLPghdBIIi7AvduA4lBP8l49ND&sai=AMfl-YSw1QSmg1G3aoWdAoikhi3g4JqKfAAD37GpN7h9Gm_7KzbNPxDsAHZCBFcgOljzOe32TK4n9dzYMe-H7vz1n2LH_8_C9Q-4HiSiiAbPkOMWScjs1IwUOOTn106pow&sig=Cg0ArKJSzKhn5wNCTtxhEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 706C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 706C 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:31 GMT
l
www.google.com/ads/measurement/ Frame 706C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvHD9CasyY6DKfOm0eCDbHTgWcrEJXZjFWQd526YUYcBggqp8WErGZD2n-1b3qIRqJ3eYc7sDJNFjattxl9eTxAlvXAg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
7210338555586140309
tpc.googlesyndication.com/simgad/ Frame 706C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7210338555586140309
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
692888892426f3a2260fc2d189f5348fe3df95e28a0b861459996733a4049c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 10:02:45 GMT
x-content-type-options
nosniff
age
214486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4664
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 22:41:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Sep 2023 10:02:45 GMT
pubcid.min.js
sync.serverbid.com/id/ Frame 1F63 		58 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/ss/2000210.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:37:30 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
age
28802
etag
"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
59798
x-amz-cf-id
mKoXdpVpP1-z9mGxO-B6ky-GQPltDnUUYCW2znyBXW25-oAFa2eTyg==
pubcid.min.js
sync.serverbid.com/id/ Frame C4B4 		58 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/ss/2000210.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:37:30 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
age
28802
etag
"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
59798
x-amz-cf-id
ydihpjPw9dDFIe5ebdedd8tFhQn5aNvAwh2t-YrzQXsFOW2VZaF25w==
pubcid.min.js
sync.serverbid.com/id/ Frame 519E 		58 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/ss/2000210.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:37:30 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
age
28802
etag
"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
59798
x-amz-cf-id
xnbTrbaCKBd8BR0DYgywA03PrzvSmc4DbevlmihSI1HRGaVIdLP0dQ==
st
imprnjmp.taboola.com/ Frame 6E6C 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&cmcv=&pix=undefined&cb=1663018651501&uv=3223&tms=1663018651501&abt=inc_all_video_vA!nrlc_vA!ntvc_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=e788bfd9-9333-478f-8573-958134a6b89d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
59dee9fb5c137ac06664d0610323bf40a94b268cc026cb438a0dab2608d0bec6

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 12 Sep 2022 21:37:31 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1663018652.522925,VS0,VE20
sync
us-match.taboola.com/ Frame 2D0E 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bcf53d6a19c31ebd93ac0517d1d7248fefba8e3234ced423becbdb7ecc991f08

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 12 Sep 2022 21:37:31 GMT
machineid
3107
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&cmcv=&pix=31589837&cb=1663018651501&uv=3223&tms=1663018651501&abt=inc_all_video_vA!nrlc_vA!ntvc_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1663018648804.8!ts:1663018651501&mntl=2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-length
0
server
nginx
xuid
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 915E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 915E
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=e4cf503...
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=e4cf503f8d76f79a1506d1b76129ca42
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
749bc8f15e8fa1e7-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=e4cf503f8d76f79a1506d1b76129ca42
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
749bc8f05d19a1e7-YYZ
content-length
0
xuid
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3925327059705463040423&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=252556e4-8972-4825-a50b-9b9115fa0160&ssp=triplelift&expires=30&user_group=5&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3925327059705463040423?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 915E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3925327059705463040423
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 915E 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3925327059705463040423&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
etag
"de363c295b2d81:0"
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5250C830745443D1982EF94ADFDD16DC Ref B: YTO01EDGE0812 Ref C: 2022-09-12T21:37:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 915E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=sLxirMxaRNIjUTPSKkSe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ONGHQ2LSJV4GC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=sLxirMxaRNIjUTPSKkSe
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=sLxirMxaRNIjUTPSKkSe
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=sLxirMxaRNIjUTPSKkSe
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC4E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame FC4E
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=df549f1...
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=df549f10a127003547161493242c2907
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
749bc8f13e69a1e7-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1&_expected_cookie=df549f10a127003547161493242c2907
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
749bc8f02cdca1e7-YYZ
content-length
0
xuid
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3925327059705463040423&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8514218752795873796&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3925327059705463040423?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame FC4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3925327059705463040423
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame FC4E 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3925327059705463040423&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
etag
"de363c295b2d81:0"
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3361099519EB4D9FB1E6C263BD7118B0 Ref B: YTO01EDGE0812 Ref C: 2022-09-12T21:37:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame FC4E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=9-ix6QKcq2Ib3Qgz91hZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5HEWWS6BWKFFWG...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=9-ix6QKcq2Ib3Qgz91hZ
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=9-ix6QKcq2Ib3Qgz91hZ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=9-ix6QKcq2Ib3Qgz91hZ
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a2c2f461-deb4-4461-8898-1773ade8bb97&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO834LNaEZeLq5TpXATi4RI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C3C3
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkyNTMyNzA1OTcwNTQ2MzA0MDQyMw%3D%3D
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame C3C3
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3925327059705463040423&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
749bc8f08d5ca1e7-YYZ
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6AE643BF2CCC455C97186E9F216AFC22 Ref B: YTO01EDGE0810 Ref C: 2022-09-12T21:37:32Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=696198a4-dc0f-457a-af19-d83de666f4d4&_noobservation=1
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXogbQC3fx1irTC7cF5ZA==
xuid
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3925327059705463040423&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=1821034a-12a8-42b3-8b1d-acccf684ecee&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=840b9800-7fd1-40bd-a695-2bd7ac05ae93&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3925327059705463040423?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1LpqFjVE2oTgkxT._e8BqielKK0yid.VWqEkPVeKxA--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame C3C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3925327059705463040423
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame C3C3 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3925327059705463040423&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:30 GMT
etag
"de363c295b2d81:0"
last-modified
Wed, 17 Aug 2022 23:56:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55DFBEFD6B954D45B921FA9FCDB46CF1 Ref B: YTO01EDGE0812 Ref C: 2022-09-12T21:37:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame C3C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJKFCYSGMVFFC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZTQbFeJQMV3vJfNj1D20
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZTQbFeJQMV3vJfNj1D20
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&&ld=1
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZTQbFeJQMV3vJfNj1D20
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
r.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07b3319d5a741f1ca29867ca20eea04e4254d196841a7887143c720c564e007

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8ed7a06f97d-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
dropped-udsids
241|230|45|39|18|196|111|152
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Hrdxs%2F2MZVqfs%2BGWsZ%2Bqv63EimA%2FGsMF7dLDSY1QpfJbetN5TrAXD98EVpaaL15EsKpbKObH%2BjSXBP9WQolORIIpgMgt58Qr73aZq4rhwLsNlb%2FzBjHSUmLt%2BZqwo%2FKt9LD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8ecbab95473-YYZ
content-type
text/html; charset=iso-8859-1
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yxA50mgXW%2BEXZCvCRcK1S5625XZpgygF9vyV3KwEblY2VXulBu8dQMXteY7XFFTej38EjEBo5r1x%2BzTXRP4s6ykuakJHP2dQBlvIVU1R3IWNqMhPKDGWUqEJVClD5C55pFKOorHQHUXXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D63A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 21:37:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
getuidnb
ib.adnxs.com/ Frame 9CA1 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1dff338-017c-4b61-a12b-c682fd8c4875
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
Q2RkKb-rYhpwpElgup9O6eyc5cM5-2kKBOsbU_GbFyHHGqdLcIgeyw==

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
zxh91-Ak1JfhmbxcxpjPD75S0-fRBdzzlDZQ4D0EDvqpKOIWzBXlJQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610652
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610652
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
GCyB-n2AXhvl4aYlQlszqChg0rKsdfa4k7w1-b3Qhcf66M0vEOqEnQ==

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610652
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1G-2SMX
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1G-2SMX
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
UgWEgv8G9HeLuECBfeP-5YuO8neLvMu0h0DcR3bqv5K_jS2zLkE6IA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1G-2SMX
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
undertone
cs.admanmedia.com/sync/ Frame 9CA1 		9 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.214.206.142 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a357b7e2-e2b0-4b8a-928a-c3d6af9c94d4&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=579dcdc4504b0fce&is_secure=true&networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAF3WaMSvO5RwMGhflSAAAAAAA&expiration=1663105052&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
5Qo074iiSRy5KuDJsO2_CH5dD8VAmHMrlzB-wqhAia6-cZmhIjAqFQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
0
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
A9PNpJ7DfLpnr8X33oRr7Hmq284MX-JmBrIOm4SYa7m4L4PvVrLK1w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
usr.undertone.com/userPixel/ Frame 9CA1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
-2QNE38vlGA8A_xb3O5wFPVIL-r5sspEzud1yZYOmOJXx710ljAWDw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 9CA1 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=abf8624aa8e747ea847fab19c4fff796
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 21:37:31 GMT
demconf.jpg
dpm.demdex.net/ Frame 9CA1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Server
34.214.92.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-92-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v036-0e26c1f61.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rXeqXhkNRsc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v036-0760c9e34.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1ihtpImPQb4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 9CA1 		62 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
396846.gif
idsync.rlcdn.com/ Frame 9CA1
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=a6inav80s9tudcj0jnuelpimu
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3f9a55d8-7e4f-4f8f-bbc3-3c22362a243a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3f9a55d8-7e4f-4f8f-bbc3-3c22362a243a
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3f9a55d8-7e4f-4f8f-bbc3-3c22362a243a
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usermatch.gif
beacon.krxd.net/ Frame 9CA1 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.42.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-42-95.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1663018651
x-served-by
beacon-n030-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getuidnb
ib.adnxs.com/ Frame C5F4 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
04def786-9ea2-4749-bfb4-7ba9ebd4824e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame C5F4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
LJEoKKLa1zP9R_wR55mAu3jWzcXHss432r3WcjhfuOR7TII6bpWXIw==

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame C5F4
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
6jqAyFpXDhhRVM4s3kGxTlk8wyvGSxHtdIgmXFm2mVeZgUSoieXGNQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame C5F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
sync
usr.undertone.com/userPixel/ Frame C5F4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1D-BY0G
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1D-BY0G
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
I6m3w9Ff8NMmn0RVzBK6sS7NCdqaecDmkyPpnJBwumcp-j3wdUDONw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD81Z-1D-BY0G
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
undertone
cs.admanmedia.com/sync/ Frame C5F4 		9 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.214.206.142 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
sync
usr.undertone.com/userPixel/ Frame C5F4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1a2f2bc6-a0f2-4bed-b2e7-72ecf0af5216&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6407947eb979105c&is_secure=true&networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFz-Z30_6faAMSnnEtAAAAAAA&expiration=1663105052&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
mXapd08r_idDKQTttp5Sh2K6hD1TbK9TOvfNxbMW08lIrXhADZrr2g==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame C5F4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
0
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
ad9HnsjbLGTL1H15pVEUoLufBFVlpKiFQxz-8SEbnb6swOcmhwTc9Q==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
usr.undertone.com/userPixel/ Frame C5F4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
NKCiYxiPpc_maU2sDBQKZ56C6332dk1dAENjdU5mfDN9gMxgviqQvA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame C5F4 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=abf8624aa8e747ea847fab19c4fff796
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 21:37:31 GMT
demconf.jpg
dpm.demdex.net/ Frame C5F4
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Server
34.214.92.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-92-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v036-0f4a4ce87.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
n0x++OCqRGM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v036-0a2a79607.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JSl+DnFGRrk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame C5F4 		62 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
458249.gif
idsync.rlcdn.com/ Frame C5F4
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=a6inav80s9tudcj0jnuelpimu
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIm83-mAYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIm83-mAYSBAgCEABCAEoA&google_gid=CAESEDe5beBZdiHhzI-dS-NCNPk&google_cver=1
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c594603f-d022-48aa-bb8c-dcd229c131a5
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c594603f-d022-48aa-bb8c-dcd229c131a5
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=c594603f-d022-48aa-bb8c-dcd229c131a5
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame C5F4 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.42.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-42-95.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1663018651
x-served-by
beacon-n038-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usermatch
r.casalemedia.com/ Frame 3074
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c91c9064748c1a4d94ce2d7dbbbc930aceb7f147bbb9faf94fbaef4a39dba20

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8ed7a04f97d-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
dropped-udsids
230|45|241|39|88|218|73|57
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ6FLJW2RnszRAYZ3dL4QUPTPcg2IewmQyFL53CPBmjFCt%2FuFLDCONzLt4%2ByMRFzU0ku%2BnZgNmYSp0fB%2BOHc2uW%2FCteD8hLkO7HSV%2BbNfzOnc5ED%2BBJyvDwN5b3bGnenvbtw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8ecbabb5473-YYZ
content-type
text/html; charset=iso-8859-1
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T84NjIWjel58ll22THnPn8dEAQYuUXHJe%2FamIbh8K1HGmSDkT2FtXWOTAH%2BdV6hulSTM30lRlvcCkqjypfW2BCASIgE8%2F6JZzFAcuLvRpRhQF0BQNaHy1vXg0q2cutFNTI3V2WzwdD%2BV3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B610
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 21:37:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
getuidnb
ib.adnxs.com/ Frame 143E 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0f1ac9fe-92f2-4e46-8ad3-a3d2f76fa1d4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
obOhTKVarMjTsCoUUFojgNisbr9uBSvF4TiPGrAZypIMppdgYG6V8Q==

Redirect headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=21314d99-b3a7-458c-8e3f-a316f81d65b0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
GesIKfa_4QD53-YDRXLjMr3vLFa0CV37COpOT9DYIUJu5kj_R4jzRQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uIK0yS1E2uFT7pr82qeiWvTtuAU478a0~A
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610651
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610651
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
iAEjas-uLjQT3DvTXzmbeUPloDM5jgWMJG4UDSh4CUwpcq2Cv2sQPg==

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=a2c2f461-deb4-4461-8898-1773ade8bb97&ttl=1665610651
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
srjzCjyEgqwTodwlDiKttfc5XV82XW4m2_LVwzF5cUnYpMhV_K8aAw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
undertone
cs.admanmedia.com/sync/ Frame 143E 		9 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.214.206.142 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2617dbac-cce6-4337-b447-62fc0b76992c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6e0383f3976e1082&is_secure=true&networkId=17100&version=1&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHJavbwZXOgAMpBOU6AAAAAAA&expiration=1663105052&nuid=0C65799C-ADAA-4108-A890-30B257FC431D&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D0C65799C-ADAA-4108-A890-30B257FC431D
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
l8-gVLRznYmJm4babigh0vB3-0mv1ZOuO9YEnor4kyl8f6OVL4UwAA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=0C65799C-ADAA-4108-A890-30B257FC431D
date
Mon, 12 Sep 2022 21:37:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpa...
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
0
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
2pVLwAZd04UtIoOkoYHlcVb5jFACSYrDQA-uRemoGLQ9ZGpGVSGcwQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
usr.undertone.com/userPixel/ Frame 143E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
B72EeD0vaqdYO3SzjlAU-CVNuYt6PET1aR8voSoWK9WxDhFTNoXy2Q==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 143E 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=abf8624aa8e747ea847fab19c4fff796
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 21:37:31 GMT
demconf.jpg
dpm.demdex.net/ Frame 143E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Server
34.214.92.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-92-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v036-0c205b163.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XXcrdQHYRc8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v036-0bd01bae4.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fu1sA7wuTfg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=a6inav80s9tudcj0jnuelpimu
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 143E 		62 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame 143E
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=a6inav80s9tudcj0jnuelpimu
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGWE2aW5hdjgwczl0dWRjajBqbnVlbHBpbXUQABoNCJvN_pgGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEzSzdmy4bZpheS1EGT37ok&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEzSzdmy4bZpheS1EGT37ok&google_cver=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEzSzdmy4bZpheS1EGT37ok&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 143E 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=a6inav80s9tudcj0jnuelpimu
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.42.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-42-95.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1663018651
x-served-by
beacon-n027-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usermatch
r.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
993e52f75aa4cf5cba577a72078bd34de791fae9ae7e115fee8a4246c731ad76

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8ed7a05f97d-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
dropped-udsids
45|241|39|230|40|18|123|64
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kolAg2gD3bPmHYovasMrysTRsopoSCs1jNe8SNnnD%2BGlI%2Fel22nEMKoCHP1%2BmcAtqKZkh5xD9TCssgp2sM8YfJOqH6Usz58r1X816nIJAWV%2F9lsPotICatijiOvlfzeey3j"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8ecbabc5473-YYZ
content-type
text/html; charset=iso-8859-1
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA2%2BggdIj%2BLFxHrIaVft02XPtwb%2BB7ITDNKytV%2BANl1uM%2BU18Ay4XUxhmAIqJRnp1o3ZmyDmCnycJSgreuwDWoUsIqlU8d68iSIandXcmgKzSO8b7OimBLaSNSW7ndKrwYwwyLVjTZuvTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A000
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 21:37:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AB89 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40305
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame B39E 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AZySJBaW5db/mU0NAA
x-77-nzt-ray
a3ZbbpF41E0
x-77-pop
newyorkUSNY
x-accel-expires
@1663183618
x-age
871833
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 1F63 		109 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
6116a3eccd508afc2aa0006a9dec8d5fd326a318d6e4064807d1253cfd65a7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 12 Oct 2022 21:37:31 GMT
cookie
cm.adform.net/ Frame 1F63
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F585%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D1b117908-8cf5-4723-a303-61311bb487c...
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F585%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D1b117908-8cf5-4723-a303-61311bb487cb%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F585%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D1b117908-8cf5-4723-a303-61311bb487cb%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame 1F63
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
x.serverbid.com/ Frame 1F63
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24EMXUID&b64_redi...
  • https://cs.emxdgt.com/umcheck?apnxid=6740448256026770921&redirect=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=$EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bm...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
date
Mon, 12 Sep 2022 21:37:31 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1F63
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 1F63
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCtV8RVvMy8DzToKCRepg7RYNYFkhDTC69RH2B245qIBA2PRN5%2F2K%2FA7l%2FXNBxcXqM2tGrsrQEQlBYZQgcrufR40g0zre%2FVJGalE6x2NbdkTcGjsiatTOidgLKt9kppKi0xI49hByqIj9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
cache-control
no-cache
cf-ray
749bc8edefd0cab4-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame 1F63
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D&ox_sc=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
jo6u3f1do666pctmnlmcre859k2s5dls
pbs.gif
sync.colossusssp.com/ Frame 1F63 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
getuid
sync.smartadserver.com/ Frame 1F63
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame 1F63
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
65501513-e0df-4bab-9095-a5b2ad66b5cf
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 1F63
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=20006cfe-7779-4bd8-bdbb-2bc987eb53d3
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=20006cfe-7779-4bd8-bdbb-2bc987eb53d3
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-iad-2-5-194
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=20006cfe-7779-4bd8-bdbb-2bc987eb53d3
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1F63
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame C4B4
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F696%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0c505aca-d6ee-4f5c-b4ba-e9c94c879ea...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F696%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0c505aca-d6ee-4f5c-b4ba-e9c94c879ea0%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F696%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0c505aca-d6ee-4f5c-b4ba-e9c94c879ea0%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
date
Mon, 12 Sep 2022 21:37:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame C4B4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
x.serverbid.com/ Frame C4B4
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24EMXUID&b64_redi...
  • https://cs.emxdgt.com/umcheck?apnxid=6740448256026770921&redirect=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=$EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bm...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
date
Mon, 12 Sep 2022 21:37:31 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame C4B4
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715722
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715722
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715722
Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame C4B4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Fu6kzX%2Bi6Q05XcwRpT0X5OT51De7LFDNqcWhuRL31lk93jaetisTCj2x9LMc0BbtkLU5S0qyrnOOZ4gLF0kn3IfplnUnL44fRtT9KfOT2ZCKik1HFn0IGCvD8diSHIfkbDv1uSdASAlpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
cache-control
no-cache
cf-ray
749bc8edefd9cab4-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame C4B4
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D&ox_sc=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
vc50846n0cfl3lokhtfp1h0q127pu7t0
pbs.gif
sync.colossusssp.com/ Frame C4B4 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
getuid
sync.smartadserver.com/ Frame C4B4
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame C4B4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f341a2a4-e334-4309-874e-f91d852a501a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame C4B4
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=22408f9d-3775-47ec-8bd7-6341adfe631c
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=22408f9d-3775-47ec-8bd7-6341adfe631c
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-107
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=22408f9d-3775-47ec-8bd7-6341adfe631c
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame C4B4
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C8B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40305
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame F2EF 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AZySJBZ3Jar/mU0NAA
x-77-nzt-ray
OgXGMkKwZWQ
x-77-pop
newyorkUSNY
x-accel-expires
@1663183618
x-age
871833
x-cache
HIT
rid
match.adsrvr.org/track/ Frame C4B4 		0
0
cookie
cm.adform.net/ Frame 519E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F689%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b8...
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F689%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F689%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%253D%26uid%3D%24UID
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame 519E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID&sovrn_retry=true
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
x.serverbid.com/ Frame 519E
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24EMXUID&b64_redi...
  • https://cs.emxdgt.com/umcheck?apnxid=6740448256026770921&redirect=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=$EMXUID&b64_redirect=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bm...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
date
Mon, 12 Sep 2022 21:37:31 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame 519E
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=2809753606263793905
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=2809753606263793905
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=2809753606263793905
Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 519E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD5SNmitooQt5zcwQ9gyjiRthEfl2PhAmfVIqbVZUtWAQV%2FnjPgeWY62wyXxvj%2B9QSfaLhkcAJQZ2zMZhr2Q%2F7T%2BG3egz6M3sCB%2F%2FTujyc1N2xjshUJCXI3b%2Fpcj8rKcnRH60DF2pq0oxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
cache-control
no-cache
cf-ray
749bc8edefd5cab4-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame 519E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D&ox_sc=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
3i9hrql1d5ukv8v57mqfkfg1n7hqe2li
pbs.gif
sync.colossusssp.com/ Frame 519E 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:31 GMT
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
getuid
sync.smartadserver.com/ Frame 519E
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame 519E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a300bda-9c28-4810-9a6f-10b61a4f27ae
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 519E
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 519E
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Mon, 12 Sep 2022 21:37:31 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C180 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40305
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame 2E2B 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AZySJBYgqhv/mU0NAA
x-77-nzt-ray
dlKF6cR0CUU
x-77-pop
newyorkUSNY
x-accel-expires
@1663183618
x-age
871833
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 519E 		109 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
6df3647d2d3f91436d59e8e77a14d9787a5b4a6bd4f642ee238d0f6782cc86cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 12 Oct 2022 21:37:31 GMT
wou0q1dvzqajqlxs9slx.mp4
cdn.taboola.com/libtrc/static/video/v1653514843/ 		855 KB
856 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1653514843/wou0q1dvzqajqlxs9slx.mp4
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
383cc7b48a111e1cc1da508a0f4c8f0a3dfce255a83328a76d68932d0bbb7b41

Request headers

Referer
https://www.krem.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ZV3zdfbeIE1eCb1XRE_GIMq1p4jgwfPn
via
1.1 varnish
etag
"b2f3b70f45b3875e2cd2cb83f17a26e4"
age
47
x-cache
HIT
Content-Range
bytes 0-875584/875585
x-amz-replication-status
COMPLETED
Content-Length
875585
x-amz-id-2
C0eJ6XXy+WAmCg8e8bw2waUAQf9QDYRHxvtNqFd3CPwZduiGPhVmKWQsYwTkWyI6sIWJd1TSS7M=
x-served-by
cache-yul12831-YUL
last-modified
Wed, 25 May 2022 21:40:50 GMT
server
AmazonS3
x-timer
S1663018652.631833,VS0,VE1
date
Mon, 12 Sep 2022 21:37:31 GMT
x-amz-request-id
34568Y4JCSRF4BNG
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
8
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 01E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXCbS7Gu7Q0b2LqniMIVtUeXyj7ABSJmIFBmW2lK4XNMO5-fiGo2hlPJ1vGgpIDNjX3FufIHHJcqrergv_K4s5nIjw2FD1p-FeqhrhEFGOrjBc7KO0E-SWDY11I6Q7fR_yXaqYztWrAOKNaxTN8o-HVPsRQCzcsq8XeqBGq7VMkFSUSm7XbYuhbgBb88VPy0rQgsd5kYCKD_FI5OypJm5aEuEmRop5IAjtsZuMEjBwiZtR_1DIWrlrwXU3v_zuPgrpoxUi7Ee5BbsDIKhGlaLPngmraZfE8TKk7xaMUNSEB50uaiUwbyfx_YyCZCVY4FttuUEp4ZsG9N9ZXetJ340l5KbX0LdlaGKR8IerQRyJojHk3rVLnFo&sai=AMfl-YTX3uwdBidr-o5ZasWS9u9cx8rQLbUm-hBJytxOzLo0xTaaMZHZQ7Y_VQCUBqST4PsAgz4ASZNsVKbx6JG3ld8_Um09mJhSG-dhXfydByi56qoSUcRfF3gks2uf6gM&sig=Cg0ArKJSzJh68vKBdd6nEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 01E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01E2 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:31 GMT
l
www.google.com/ads/measurement/ Frame 01E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbVdq2dY3q_NiJLgmVyhZhE8J39awFyNJheEK9yT9-zhgCi4JmmZZRLmBZ7ru5azXVB5oC6bp0UTKLmMGElieOSpjCCA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
15261253814662068254
tpc.googlesyndication.com/simgad/ Frame 01E2 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15261253814662068254
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c147b11fdac151e5b3a8d2ee27dcffa51e8e5b44fabf35d717e24cbdc3e8ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:30:05 GMT
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122296
x-xss-protection
0
last-modified
Fri, 09 Sep 2022 17:20:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Sep 2023 05:30:05 GMT
pr
s.amazon-adsystem.com/v3/ Frame A2C3 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2bce58b585870033e6cb6d0b76e05c70a999fe619b491c0b6bed8c145e316973
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4315
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 12 Sep 2022 21:37:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PF72FD06YSM2911R60YN
PugMaster
image6.pubmatic.com/AdServer/ Frame AAD7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f0a53507e02a1dd35fd5f290808ce97724ddd684000173f9a6773849966cf13f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame 973D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrx3S2CFcPR67QzK2NEfHXpOSAuzfU4IvEnaCpkNpdljvPkJLBlgqoyomqhIFw1RfP71J3BL6NsUY5wdqucg4Jo7V_hGpEEM936rHyCp1pi-QoJyQKXt7qH2Ry8wdBij1WS8JevzUYZLOEkpR9ZIiomFPDhl8EnTXP47jnTsC9QoDqsERmVE5so5MSgEe1XGTep516z6-4o3rmzHaqUeNfJU3BrHjnPjY-RD4MS3SraX75dAhgJuXlGfExSLVKXPg41-ZPIvAVSIAkB4j8e3yjG-lMyPqkyZ20vmVqVXSvY4LndxgSVfl1wFBPiELpJtttOj4i0TqMUmHKpA_0ULClHmlhwJqBxdBnbztatJVhQqJY7LlJb6SFlbZ_PA&sai=AMfl-YRU7jjmd7iZrWcWVU0SRVJrz7XztuR_oUvnhWAyEsW4_BYuZd9Fw2ZcUqkJBuKJjO-Psw7Iy5nCTBghOF0hPpAHQG8z2zXvRULC76LbmzIRCmaOEQbe6DuEfTuvCwk&sig=Cg0ArKJSzFoc2pIH2m8DEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
unit.js
yummy.consumable.com/9770/cnsmbl-video-970x250/widget/ Frame 973D 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f61bde985d3c7077b89abd56a64a198a67d59427a25757d0cea9c5041541292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 13:13:57 GMT
server
AmazonS3
age
51
etag
W/"88db43fee976bad2c0f81312862452b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
juRmgpSXp8eBGPgPkb_ppmnspvTaM3tOjGdQyRjK4Dg_fvMDydNgcw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 973D 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:31 GMT
i
x.serverbid.com/rtb/ Frame 973D 		35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/rtb/i?s=6611&a=b14693782ffb08e0e3799fe7b6fb79733d998554a1677851b05a83ac8420697832fe3b678f979fc0&n=198&dnt=0&r=27578&l=22502&p=175&d=www.krem.com&rf=0&i2=CA&kdn=consumable&ksi=2000210&kau=9770&i=e1bda2a5640d30d6&sc=0.0&dr=80bb6c63640eae46&bd=12f4ec6a2379c0ef&adt=1&ts=1663018650805&ip=149.56.153.181&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F105.0.5195.102%20Safari%2F537.36&w=1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
wt
t.pubmatic.com/ 		17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.pubmatic.com/wt?pubid=160138&purl=https%3A%2F%2Fwww.krem.com%2F&tst=1663018652&iid=3b69193f-494c-43bb-a117-49abd2cee485-edddu&bidid=51febaefbb97b84&pid=3953&pdvid=7&slot=front_high_impact&au=front_high_impact&bc=consumable&pn=consumable&en=0.49&eg=0.49&kgpv=.*front_high_impact.*%40.*%40.*&piid=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
17
content-type
text/plain; charset=utf-8
usermatch
ssum-sec.casalemedia.com/ Frame 758C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5b05029261606eee551b3c39e0700f3ecc65c7c2425b2b92beef8f2c73cbd0

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8edefcccab4-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
dropped-udsids
241|39|45|230|3|65|17|176
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofxxcX6EmQdtoZiUZYZpvf8ZYjt%2F3ViCPWgF7Pn122hkkWo3DXCa245Wkc7B2QV2jvflpj235iuQzulsR3JzohVq7JjoZTsPsZBUfqgcsBKlCwDoRa7Hhd8gSRcmi6quaZtbM6gVYj%2BiRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame E5E6 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822b5bcc947ebe9b3f5fb324aaaa035781f66de21a2aeb0f64e376382cc9ef69

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8edefd2cab4-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
dropped-udsids
230|45|241|39|11|65|111|4
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx1U0Vp5IO%2BrhucEg6cBlltUr3s7rU1WmTPrIbglkJmPoTWiZC8lMAl0xNamLfxuzGqSxHjyDol4hfFyOa1VFekDqqOBuDM0%2FSnzNRWkv1WCiR%2BDowfojtGjLDFcUqceH1a7aVfEuRx7KA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Sep 2022 21:37:31 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 08BE 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a55a3a8954de155283c948422632dab6b33e6463b73e2ebc57273957a8f43c2c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8edefd7cab4-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:31 GMT
dropped-udsids
45|241|39|230|81|57|17|10
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLGyaKsa%2FMx6Gl6q1biq%2FX5lgqb%2BRzXboDZfpiNusEiunfYBzZMVHQwSl3f5RI4JAQDTMRWICGKsspj9kLjwuhUAEVWCiteROPKTo1VKnbXTbYz3OefB3A7CeN6hMMfcVHzBrmqwD5KeKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 706C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstivLYir2Ao7jbTZwtYYZBddnZVoldbULcBPmAhuBj4SbcCQqNAnB-xZULbHj6xZOs0cMg_W8wEQIWi_cpn0oz2bScqjtW3sCbaZiDabLK_P1cpRsj7Mgu753NNR7ukBt6c82MvaD-gyIoxeEMUj_LtA2A5Lq8ubTPTd-7TKzUJkQIIv1rWQVy2yubXwDXJjy83kTVSI77oeGErm7yfaKh0UT85BmV1P4Blej503K_PagPwKcRLbqkE1rCbLtbqNnm7dugFn2pBdReAeD-o6EPfL9egSkSjGp4bWIfh2WWF1Ojh-WIkEyZR_NPe9JJsPa_Q8fxd-55eHdPonLw-OEWG_8IVJPShuOAmAJXKpBcLXLNYtQFJQsq-GGw&sai=AMfl-YSZLgAvndabD-Hwv6Qu2fP-kKpa1dCktIzJtamXzS0s_qFbxAnx6xhqCkqiBIWSY_DSZ8tYrk7iLhrE_DSb1I0OuQrMWJ-BI0j1Sw_amCEKbrsIUSKRP70JDXNzHg&sig=Cg0ArKJSzFSnQwXH4KNeEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 21:37:31 GMT
truncated
/ Frame 706C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f41ea718fb594c8b1f7c7dc4b0bb0f6defd066c0996d95a14b9df132349078b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
usersync
x.serverbid.com/ Frame 1F63 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=939bee39-5c52-4625-b1ce-b6b9c37f0000
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 19AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync
x.serverbid.com/ Frame C4B4 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=939bee39-5c52-4625-b1ce-b6b9c37f0000
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usersync
x.serverbid.com/ Frame 519E 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=939bee39-5c52-4625-b1ce-b6b9c37f0000
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
syncframe
gum.criteo.com/ Frame F095 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.krem.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
17b6c419a7f65afd0e75266dcace486b79ceae9242177feaa960dda92816c4cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
server
Kestrel
server-processing-duration-in-ticks
840144
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame D63A 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6173d6f54fba912266ad51fd3664d5729e638c7fbbfb4ffca36b2e06905855b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21935
content-type
text/html; charset=UTF-8
content-length
9379
expires
Tue, 13 Sep 2022 03:43:07 GMT
usync.js
eus.rubiconproject.com/ Frame A000 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6173d6f54fba912266ad51fd3664d5729e638c7fbbfb4ffca36b2e06905855b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21935
content-type
text/html; charset=UTF-8
content-length
9379
expires
Tue, 13 Sep 2022 03:43:07 GMT
usync.js
eus.rubiconproject.com/ Frame B610 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6173d6f54fba912266ad51fd3664d5729e638c7fbbfb4ffca36b2e06905855b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21935
content-type
text/html; charset=UTF-8
content-length
9379
expires
Tue, 13 Sep 2022 03:43:07 GMT
ecm3
s.amazon-adsystem.com/ Frame A2C3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1663018652146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5640700947
  • https://sync.1rx.io/usersync/tradedesk/a2c2f461-deb4-4461-8898-1773ade8bb97
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-aa4e4e25-838b-4a7b-b968-9280...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
2X8X2D2R95HN034HS2VJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Date
Mon, 12 Sep 2022 21:37:32 GMT
Connection
keep-alive
Content-Type
text/html
ETag
RXaa4e4e25838b4a7bb968928038c26e99005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ecm3
s.amazon-adsystem.com/ Frame A2C3
Redirect Chain
  • https://usync.vrtcal.com/i?ssp=1822&surl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvrtcal.com%26id%3D%24%24VRTCALUSER%24%24
  • https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=83505946c1600b64e9f989f38ad6b6ad
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=83505946c1600b64e9f989f38ad6b6ad
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
JJB098KFNH8TTKZCE20D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=vrtcal.com&id=83505946c1600b64e9f989f38ad6b6ad
date
Mon, 12 Sep 2022 21:37:32 GMT
server
Apache/2.4.7 (Ubuntu)
x-powered-by
PHP/5.5.9-1ubuntu4.26
content-length
1
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame A2C3
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=807ffc0a
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=807ffc0a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
5Q3PSTTJ3FW95DAPMM83
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=807ffc0a
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
K6EbE7JXQaTgp4HFhqqDrOYahIupbQo-zLbhDTN4VTcvakycjMo1YA==
ecm3
s.amazon-adsystem.com/ Frame A2C3
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$UIDbrt53451663018651931712bd
  • https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6740448256026770921brt53451663018651931712bd
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6740448256026770921brt53451663018651931712bd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
J1QM393GKK003H79ZDRS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d02a522e-ed89-4766-981e-e1c49956e192
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6740448256026770921brt53451663018651931712bd
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A2C3
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1b01c2e2-c056-47f0-bd84-7b927b71d75d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1b01c2e2-c056-47f0-bd84-7b927b71d75d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
52M3JKPZWHPCATWQE4Q2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx/1.12.1
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=1b01c2e2-c056-47f0-bd84-7b927b71d75d
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4621 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync
x.serverbid.com/ Frame 1F63 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=c9f826e0-acf6-4775-aa49-cf3b784a5ad4
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usersync
x.serverbid.com/ Frame 519E 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=a59366b6-2f4a-4449-820e-429fba60379a
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
dcm
s.amazon-adsystem.com/ Frame 0CE2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mmwIcKW-2scZ9X_0pPgAACoIAAAAB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
J7FKR72675VXJMMG78GT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mmwIcKW-2scZ9X_0pPgAACoIAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f0eaabcab4-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zObC8lbalxVbW5dwRdd%2BnBtv7PiNY3Xb4xOZAFrIo8kjpHeM9LhHK%2FhWubwr8CiVkgAFzrLCrx9yl8flmHwPC2LfCDz6%2BGd5AJooFQTaQDHrEchqe0hMeTu7i2iq7KoCIAsn%2FTyuv7IREQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f2cfa3a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dytS8HYccB0mGpEq7ICYCugrxOVzQC305lunecb0OGmwvh5PGn3e2zowul4xCsfjgRjW8TaZ8fNAd0mM6vafPRfiW%2F3rqhm5BwgH728YNNGfpMBaYf8bSr8Xuvr5QTXmVO%2Fxsik0pzAcNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f15c3ca1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfdlFQJp5qTGY74bnvRHAEzKBqcWH7QdOFdu%2Fc83H1IKc%2FXW7Mdm8p9V%2BilkJOi1AgULOqx7xCWJ0%2BCzTyrlL1i0qa3MoREsWbjN0dcmVp7AOuCNSyHdTTl8tUa8uFgzoGPAOejFUIkHyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20defa1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYI3%2FCHoZKZS271UOoNScG0KXei%2FE18SjrENHh91loUCOW1OF243LXKy7yFWIUB%2BUpnCW6e2G%2Ftv04BgKzW2OQK755wDs8591NBxV%2BY7BBowJYy1C%2BjXnmakyXBpi3is84bNPLD3%2Bjt8Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030002_631fa69b36e25&knw=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_631fa69b36e25
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_631fa69b36e25
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f2dfb7a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVxXVfmdTYzNzI5iGSWz1fMDaIOm1D%2FgyOKTqWjE%2B2m87cGgATcZXBsYE1tD%2F9YiQNQ8V1M9SS3KXdJP4LGCf5uMUM8fzTQQpCVwGlTKguMB7gYO1oy9We0ydMo%2B8%2F90S83qe8vjYSogkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_631fa69b36e25
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f14c25a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMJo4Uy32CEtlaS3%2F39x1DbGLqetp5R3F1zQhdKdl7ABHXCNl%2FyGOYDaeYlfbl1ZIzBSxsdv1dBUdkm45sO50H%2Bhr2lEdywhigOfB2Xn4ZqEqeJgV2tW%2FoB%2FFTPXiaenCBbVn%2FL%2BKfda1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 0CE2
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=dc4f1abb-3b25-417e-98e3-d4a200573e9f
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=dc4f1abb-3b25-417e-98e3-d4a200573e9f
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20de3a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWGbyhpeYdUw2%2BpahOZV8wU3j6ioxMtKQaVcwM1dkWuQBeC5rbJJ1HmvDrIoLppFgYR22Qq8ej3T1hewWqWu9U02fQTc%2Fn%2Bl3MX%2FxXxlTsCkjQOsc9Tc1SNyTh6%2BXgOiw1TZnAU7v5gtpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=dc4f1abb-3b25-417e-98e3-d4a200573e9f
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 0CE2 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yx-mmwIcKW-2scZ9X_0pPgAACoIAAAAB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
NzyOku-pXx1jKxiAE9qWfn08f_onhokIJ8J_v-AYaG-2BT8wnTvLnQ==
crum
dsum-sec.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f29efea1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx4HTsO11BCbGPsEzndmK%2FgULTs8UkFwOW7Hoy1odhHdESEcWtqgZ%2Bxnq%2B9Lw5YuOJlaeyNQqMlVhjQDoPcxIf0yFhEm68I6KR1bqCcsp7tUJ7cXE89LJodZmzn7d12Fa7oH9ahqbBFBaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 63F0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mm7Y6g_DdWxfgsPgA2wAACoIAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4Y5Y41K85K2MFM8MG3ND
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f16c80a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zOsqKNikwQWs03hgaEIBGzIF62WaynAxqoVGC9of3O8xxNY0USrgARarqNtealtGvReUEbcFRo4XHU7bGU6siJ1b4nNvWOvE%2FsZp1c9McmY4dcEuNxaXykAjjM2TxXcCt3ZBE%2FUKJrxFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm7Y6g_DdWxfgsPgA2wAACoIAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f17b1dcab4-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEa%2FP3Od9GphIirlt8dQjuve9%2BEIf6TSa6uJR%2F4Tr89mgcbUUxBJWWHGp24n2jESGdboARV542VWcZiyKpruw35n2Uuji7I79RMoTlsn3cyY4Sgdfh7Ru9FYov%2Fmdj%2FVHC3xM94u1mQiFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=dc7f5226-9998-4e48-a07b-3aa188eb6034
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=dc7f5226-9998-4e48-a07b-3aa188eb6034
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20deca1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJjaYLM%2BHfShUUItdpFqYp6co%2B%2ByJbXL0Bi9ElGrvF2du%2Fv28Lfk%2FPGYWanR987L%2Fml%2FDwtcq7%2FKAlL6uSXQEfGW9T75OIBYQ4pRAewcpSmd8d6JpCnR6h9c5pJAZ%2FHxxH19YuvJOwcb5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=dc7f5226-9998-4e48-a07b-3aa188eb6034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IEik9TknQUVu429l2S6RgZU4mbU
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IEik9TknQUVu429l2S6RgZU4mbU
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20df0a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xym3z%2BLxx4DHnp3CKbZ7rrwVXNF08OoCeSW8IhPvQIEaMzuk3PaT877wE6VRhyPXEM7DdKe9JNpcWStNcGhEJl7g36hJWmp%2FXvRsCNBfQS6cSurMkawDxYPGmBzdC%2BFhiVStwqfLh7Lx1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=IEik9TknQUVu429l2S6RgZU4mbU
Date
Mon, 12 Sep 2022 21:37:32 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
r.casalemedia.com/ Frame 63F0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://tags.bluekai.com/site/17724?id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&redir=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D06ea0601-d0c8-4906-a00e-3...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f2ffdba1f0-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMuGbF%2B50uLy9UKYIZ7bESznpu6ybIrBKzuNAZWdABZ%2FBxa7cTWlhnnLURNfaqU9cfNLRMG6lvKwC2o9onG2gM2yBceecBvRKCPP7YP1wNFoFOYZLigq7%2BBYs9RHfKcoNiZp"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
date
Mon, 12 Sep 2022 21:37:32 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync
usr.undertone.com/userPixel/ Frame 63F0 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yx-mm7Y6g_DdWxfgsPgA2wAACoIAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
BT84zyQtzlSFRk-L_aP2bcnY8jAbmS3gxCF8KPUM5QhPZfXaSPXwLQ==
usermatchredir
ssum-sec.casalemedia.com/ Frame 3074
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f0eaafcab4-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwoQXQQbl%2B%2BH9lhAsbcEX3QiDhB8WBuKlfd97hwNWzdL7VTs9N5G8AuTIiZCG817GrmKUcPswbVL24IMo3XVsiI931oHk3s0KYoH4GwfgduCK61SmHcF1RoKqezBpZn3wpaI8LF%2FSJAVkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3074
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f29efba1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Oi%2FXRraNwiXZmdxRnmc6nS7%2B0D93B5QgkLILwHKKv8MCrVEA0WQnP7oNqcBVamrrXcSf3uEgQ1eq7zGbGk8YokXTanNJel3Wa1JVDsQhEy1ke390oyAc9s4L%2FAzany5%2FjqB0ujVRVX3SA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3074 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
G93RCA8MVPT8Q6T6R8FV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3074 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 3074 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663018652.308691,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12822-YUL
ibs:dpid=23728&dpuuid=Yx.mm5QnmBUL.GN2KQ84mgAA%262719
dpm.demdex.net/ Frame 3074 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yx.mm5QnmBUL.GN2KQ84mgAA%262719?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.92.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-92-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v036-095d88057.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ydDfihviT2s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3074 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 3074
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f1ad17a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4geDnHVPazvalJBClB%2FgkEg5qCk7tuknfQL67fGswsY6inZ1IzSru0ZGLTjAo0uphoPhOtqsQjXE27lSTZ3aHmvZVin44eJduOFUvOMnjKBqd%2FYRFl0%2BGlX5e3chJNfR%2BNQNaBhuiHsq%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame 3074 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
EJOeUwb51x4T1wfvM4j-xd7dJtAsadexVkWlisP0sOiFONqSTTywMw==
bulk
trc.taboola.com/tegna-krem/log/3/ 		0
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/tegna-krem/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1663018652.151934,VS0,VE21
x-served-by
cache-yul12831-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 01E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRAeg88AhfYE8Olsh4VGkaxgvu95wm9aZEcqmT8nmMvX9agWnUSUYUTe5qMWt0aA23wbmSCLjqNqVby8x7WUBga_ieZdvZvdLeOKThy6p9unoYOew5GC_hjGqYeXGc_Tms2dvPDYKn6RydmyrBDkLUhbcX0EYbGSMtoWEdY0Mrc14PN0NlDKLtxoeLnnpLmTfrM_YmWTPIq9dT65XBAo7HMBTX-_uqqygRIld-GQYDcCa322b4PGRpaucB0_B34qTc-lZdDBCx-gTS0ReXqCuHbKUeBNqd25lrjJvbV9A3s6zBugo0N3IFEtBurrrGEXj79YBrxpq5g2r02B1UYGizCpWufPEKbgI7xybT58FwkmaUQ1g-m9xi5A&sai=AMfl-YRDcJAEiG-CjLsqAGsDqOLi0gZRieXdYGQQoUZ2siIqZV0mmt3LrHl-BaxKj6UwAsLzW43lx62G6Pk1EKkIWNPhPG-XHecd4CvuReiVY4pOMXCCiCuOxUqZiFBcfkI&sig=Cg0ArKJSzFv5ckvCBmuDEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 21:37:32 GMT
truncated
/ Frame 01E2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9da7832c2738bfbc3672bb0014466ee5052534168b86813099615da3b99669f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
amzns2s
rtb.gumgum.com/usync/ Frame 4DF1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.73.10 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-73-10.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0ff1cf96f2ba3eadbc1478a2b03735a2c4fc8a38ebd269a541faf5d8e62f67b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 12 Sep 2022 21:37:32 GMT
etag
W/"08b9f658da23feddc968c30a6614bd384"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 8370 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0eb0034e8cef840d1ddeeea153048d4349ba9aa96e2ef0ff58a208bea25d131

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8f019fecab4-YYZ
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:32 GMT
dropped-udsids
46|73|88|206|18|90|130|241
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdXZb1%2BbQXhJbQkQ%2Fql7LadlkgCF21M9fEm0dkO7TPuYf0EKRNo4m%2B2ySqAoafGKp0Tez32Rq4hFj%2BDmIzuHb%2FwFfEF8K4%2BQES5WC9GDrZ3og8vmOzBfw%2FkCtUipw8SS9pJ%2FyZAnZGRCNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 56C8 		722 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
890c008628d90e90a391dd1d2bd5285054a282e9f129e809981fef50457d7d5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
459
content-type
text/html
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
TAM
sync.inmobi.com/ Frame 18C2 		0
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame 75A2 		427 B
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
de1904d0b1a95eee9cce55754de8b550794ed214db5cb73ad7706e9c0608a586

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 12 Sep 2022 21:37:32 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7C8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40304
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 3809 		1 KB
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-205-140.compute-1.amazonaws.com
Software
/
Resource Hash
16287c07f35268fb897e577030d1eb97359b16253d67fcc74fe8f9fa393a683e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 12 Sep 2022 21:37:32 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 88CA 		281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:32 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 0996
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
94a7b143129419a6475367f2a8075f820ecef495185bb7cb04426988ee88ab6f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-dd6bdcf45-4zcrl
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-dd6bdcf45-4zcrl
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame CB74
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1UbGUyM2VSRTJ1S3JEQm1BNUwzemplMzFxaHNueGVHZH5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1UbGUyM2VSRTJ1S3JEQm1BNUwzemplMzFxaHNueGVHZH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CF6PE5PMFDXGFYB0P295

Redirect headers

age
0
content-length
0
date
Mon, 12 Sep 2022 21:37:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1UbGUyM2VSRTJ1S3JEQm1BNUwzemplMzFxaHNueGVHZH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame DDF2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6740448256026770921&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6740448256026770921&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZT97097NEYNETPB8XQTV

Redirect headers

AN-X-Request-Uuid
04d655ae-d72e-4649-8aaf-62f9f8b5dae4
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6740448256026770921&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame 3F72 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6f0d170aa7a11e8408d864020ae0b0f0a15d7520ec28e0cabefb8b459b267054

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1417
Content-Type
text/html
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ewr1
ecm3
s.amazon-adsystem.com/ Frame 42E4
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3925327059705463040423
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3925327059705463040423
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-vrtcal_ox-db5_n-inmobi_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-emx_ppt_n-vmg_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
K56VKG1JHG2P485F1DK2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 12 Sep 2022 21:37:32 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3925327059705463040423
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dcm
s.amazon-adsystem.com/ Frame 758C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
K3YFCYM5E5H745BR5VKW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 758C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f11bd3a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmeY0ukQ5SoxW3Rr6m4vuVpHlDzZgTDTImWxMAYlytK4vOB7gKArK9hOwL2yx5%2B2iKQo5YHNjaaVKiQMZLx1gaPyjK5JL4zRpzqMsiwz%2Flur2pDLRUOf90rUnviuQxT%2B2HEER%2Bl0vWevfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 758C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f39923a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Q4br5bspTiRE80F3rnI2JAMn3cg2p0bD8qtT932jOh1HA4jVv8r6iQ0a27naXorrdupsUXvNPPIiVGUsunCQT1VDjQlbsCUy55lf94hBn5UKxJXw8Z8n8PQSCEvLSNLRjBHHJ%2BlbgSbxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 758C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f21bb2cab4-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfsQvVDcQ9chVoqlv9wC%2BsIjcrX2q1TOAe5Vjh990afdCeYljOw2i2hzJz0tiBAimUFc6krCnUwhclw1U8uGeKgXCnOQq1DD%2B8pXur%2Bh9hFj8cGM96w4CCZqM%2FGKMj%2BfzfsdOiFDcAhSjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 758C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3374631f-a69c-4f00-8548-033a1286fef8
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3374631f-a69c-4f00-8548-033a1286fef8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20df3a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGp2J7B9B79gGxgWpQM%2BErposYItvGJtglhsJ3MJS%2BCzINw%2FOMIVV0dZYbbXNrIOXnK9oIUpuRc6ZDlwk%2Bc0wJRHyMMHkBgntjBecLkcM6CgAe1ML588Gcmw64HAzUUewIWAYGdktLMURQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
MT3 4505 5b23575 master iad-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3374631f-a69c-4f00-8548-033a1286fef8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:31 GMT
rum
dsum.casalemedia.com/ Frame 758C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6086858fffe80fce&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJavbwZXOdwNcSdxJAAAAAAA&expiration=1663105052&is_secure=true
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJavbwZXOdwNcSdxJAAAAAAA&expiration=1663105052&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3e90af999-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl6ss1w5jkL4AxMIMrL0pMBFvgcWdEx9EuPz%2Beqv0HXCqupLVIHGcSwmOrT0a3z8K289q5LYRGP%2F81sqW%2BbKRwJpnnqasDZEQb4bTCUGtzoJrepkuVMxqGTa%2FILfBkz4cV1S9W8%2F"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHJavbwZXOdwNcSdxJAAAAAAA&expiration=1663105052&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 758C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WSUKFREM...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3d96ca1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8rVP%2FlmmCdDtBARJ6I6NC5px%2F51pEy8VSjgQ5bFoadbmzIuUYf2ErucJrGHDFuypacrpIUTrnFH4Ky3S%2FQV1c340fxu5enmvxg27ccyYa2mJJPzcbuKg2NBhI34hLGERiV35mDf%2BOz%2F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
113
match.deepintent.com/usersync/ Frame 758C 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:31 GMT
server
c
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
htw-pixel.gif
cdn.indexww.com/ht/ Frame 758C 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f12988ece6-YUL
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
72
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Tue, 13 Sep 2022 01:37:32 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f13ae9cab4-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QB9KhSm4zTADWWvSE3sc55vBLfXtRlLfplyACPjTijg6ynOQaM2r2546eTXryQeptR1gvdPA9fL3XoyMXiW6PppB3ci2yZitaZn8GaDqymRtSpd21Rq%2Bwgslt7%2FqQ71h2Fib5FUpkuHH2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f2bf76a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXVH%2FvvTT7D7rTVCE2UZz7QRYgvD9XBG1SmW3q%2BBXR0bQpSkZOMyEYOZy9ZazsRVw6AnNB0rx%2BE6vp%2FCXBLzN2oziHXW8kCWhjv6REkdz3fguk%2BqoPIZHopRPGHesZ6cntLYtJK9bb%2Fm5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E5E6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WJR6M1XAR12T82NRRP4R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20deaa1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FS1%2FNwmb%2FwwRNeedR2H2V1RPHt%2FYQ8rjbeB7u4JFMMAnnVuzk0ToApPXHk3lkyYN175xdQtqSbyMDfAXPjWFlSDk3AfItJEOMTyoJmq671Azg%2Fq5Wvg9OHv%2F6TZWgPX94zJnUksixLfqlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=408e7c48-5966-4399-8914-c3c6a6b65ea9
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=408e7c48-5966-4399-8914-c3c6a6b65ea9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f2cf9aa1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWM6Sh86Wobvhf3V%2B88JF2IfZ6QTGqskygYY8BF97ClOFZAGy9pQy4beSfw4oYscrrYm5Pk7u3OY2BH1UyiX%2B4eCWekRZXXgYc%2F0zPI4A%2BNtFLgTGO%2FS%2BUTnU4FNB6V7n%2BWBSz8elV2NNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=408e7c48-5966-4399-8914-c3c6a6b65ea9
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6f72999ddebd105c&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFz-Z30_6fXgN9wDYSAAAAAAA&expiration=1663105052&is_secure=true
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFz-Z30_6fXgN9wDYSAAAAAAA&expiration=1663105052&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3e90df999-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FtaN%2FjK4a4vXzIMlIcp%2Fl5POACnc0LKoJoQ0uL6SDCJ1TXx1YcIM7BYTYXmYVgEF2HH9z66PZg4lIaxEGFtiyVadN3%2FmbRdSTrInTc%2F5uDUvp6PmEa3dQUJhiCNeNE7iLQ%2F4TXm"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFz-Z30_6fXgN9wDYSAAAAAAA&expiration=1663105052&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f1dd60a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uCPUGmKwK70Dddc3LrZrz7rMvrudjI5%2FrB0a5ZCEeGL4uFAIqfjwxSb%2BKi1iU3qILMnz1C0BveoBUPN6pheGLnWa%2Fuc3vYBJ0QNifXkIINkw5%2B%2FXcOLxxiIHeRq8xO6r3aYe8qnz9RssQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8514218752795873796&expiration=1664228252
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame E5E6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2435504376283644868
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2435504376283644868
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f39921a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg8bVI1Wr9tMGDLQEGltOcJnOffdtKOOWBm7ktdrj72ZnAs4qy4RD9ckgVkXgx14c%2FqnLp0jjgcDSbOwaUa9ON%2F8L7cPH8DyilzoO2trOg5fHB8wbjjCHlojpClSucs4QkOsL3PKyZUaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2435504376283644868
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame E5E6 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f1298aece6-YUL
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
72
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Tue, 13 Sep 2022 01:37:32 GMT
crum
dsum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f2bf7ba1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AyisUMYaZQQx1N%2FGnYhKkpJO1RantFpkkUZsTwi9MTHmyM%2FIb9zZCwJJu2jUEF%2BSeiRUJgBARMO3nYoJOWXOByszvMrA707zcfDbKavSIzZBydpXtAPvU%2FFeXUqSeOvfWCfAaStI98OnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 08BE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
55HASDFNH5KHCFY97V5V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20ddea1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KSIABjFHs2W4ueF02VeiqseJCXLlFSjbCLmr9O293f5W7gh%2BFtSMeV7lytQibYaRBUZqwChnZCU1qC0ZpisTHAdueYsxQamWoRJlRte5EGZTbCEv%2BC5dwaXglzxr3r0y9MZEptVv2a%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&expiration=1665610652&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f21bb1cab4-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtf8CXgRF6k5VkCWvE6sT6ELNmFex6iiau%2BBAtWw5w2BFuqCkKycsYCnv8t0fJb3oK8qznXWo6vnAISkwpyrunYFlf%2BzrAhRPwaJWwoMxSwSrhe42edn7ketm5gQUxf0ki920EmBcrpdBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEATcICeN8uf2WuGTMxqAP6Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gysV-tQuHf-YLUWp1ysJ_4IqHK-Ye0GshC2rOb5R
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gysV-tQuHf-YLUWp1ysJ_4IqHK-Ye0GshC2rOb5R
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f28edca1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXcWHyOfTrPwUpq%2By%2B6Xn%2BesbF6DMamMCT7LVeQ0UuoTrwd%2BSD0UshcbuSiclajCmj3HnDBLyUMyYsMhEYNg3XNdw3iqF74LGeUmKkFPtL2OW5P90LYrHmfL1rfORYPl9kdM6WKbADHkQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gysV-tQuHf-YLUWp1ysJ_4IqHK-Ye0GshC2rOb5R
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f20df6a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9xOD0BhV7jgW%2BTtbbG1Ctni3QlR43pBMmI3SCApiyj5kaHebCIMWEtZcNT6KwLScY%2BeogLRLSFYaFSPllUIdQffRAb5xJ96ay%2BTgyFFzLYg%2BxZzM0Ov3c23k%2BbPRzsb3aXy0oeNK6rqsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477409158715723
Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WSUKFREM...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3a932a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KssQgEsvjaTtvUOqFT83rsejf6u6ox0%2FcZZmKwpGK4WFh%2B6QIljdiSTWz96ZfrhauJ%2FwD9CuVgLSt8V4cMmRUloCvY0hnrjRG1mpsuTZmOPxxTWWSW6f3OG7T5tWlv%2Bj8%2B5SRy21cjiwTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ZTQbFeJQMV3vJfNj1D20
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 08BE
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692474668868
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692474668868
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f29f03a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNvDrEf%2BFwKqHzWHDrDegpVuFNIwRC1Dm3ti5Hk7L90iihWGG3b87W8aMp7%2Fe2eQlyCn%2FFPLDGNNvoWRL0%2F0Lz7JPIIeMmA7cvLJmwDOdS3g4XNcnavV%2BcaeX3v%2FkNeTHZ%2FtheLQJx0Qsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=692474668868
htw-pixel.gif
cdn.indexww.com/ht/ Frame 08BE 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1YNY&d=https%3A%2F%2Fwww.krem.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f1298bece6-YUL
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
72
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Tue, 13 Sep 2022 01:37:32 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 93A6
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.196.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-196-70.compute-1.amazonaws.com
Software
/
Resource Hash
c0150803dae9e3513a0c84b071f79f64c51e265a02aaf35b043c91d6897dc84d

Request headers

Referer
https://r.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:32 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 12 Sep 2022 21:37:32 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:32 GMT
location
/um/cs&eq_cc=1
view
securepubads.g.doubleclick.net/pcs/ Frame 973D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW00J2o4Wr6Wfl6VB2SUChtmqDS26H9CwhH8hy2FfLAJKTK59YODKq5M8hAuOZiEkUZpMqsJCmdOBMwcn9S5xJfejcvJn0IrtxqIRyMFDRXyYb4u7Wbr9BzMDYU-tXp85pQk7_dEKeaFsi2Z0mTtcdRaTFgu6VTKXCzjow65qORCiAjYneF6BAUu-GL3f5hsUE0q3dt6fVs0FPkRYbpwTbgMvXh64q_OKQoVu1b2cm3E-MooOlp0oOsbPLce4oTJyIM8PVi1ltGtxNKFXYQKdNotV8t8rhbCb4BPAFgaeOe5XadS-mjAwkr9s8_JcY2ryyDP8XJoBpaK1Oqv8XEkSmFzLhKmmEp7Z6722LZzzpiDcIWVZRN92dwWYnroG1&sai=AMfl-YTr4bX63uEMCbcIVpdE8qIKMuSgVXLC_04Y2Wem3EquU4kAQ5EpQ7IBrgIbmhwuJ7PrzBz5jZE81C83_rr-TR16W3ybXrRwWZVOaZvXEFIWzAr4vA8r2hyrrZcwlIo&sig=Cg0ArKJSzHyhG94v_pfMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 21:37:32 GMT
truncated
/ Frame 973D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b97e1267275a452b65330a27318dae07a01fc37e1cee6f978ca33ec4206a3f6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame E7CB 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6ae6faf0336d8aeb746e551e9a2cc1d33fcfa2e3eab3a8eadbe2a63849e6591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 20:40:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E7CB 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
378e1c7c4538c733361b1696b59c0d0d8e75d63bb623ec4ea194b71c1a3e2854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28714
x-xss-protection
0
server
sffe
etag
"1332 / 574 of 1000 / last-modified: 1662980886"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Sep 2022 21:37:33 GMT
cool-by-consumable-2.svg
yummy.consumable.com/9770/cnsmbl-video-970x250/img/ Frame E7CB 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yummy.consumable.com/9770/cnsmbl-video-970x250/img/cool-by-consumable-2.svg
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 14:28:28 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"f7152d7a85b77d8f0ddc9786ef9cc0b3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-id
Y7PRCOZXY_-X3PFbhX9BwBn_yM-gJjKuHsiaQ4IwQT8ukyKwGAWu0g==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8C54 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y0Na3wAEwAQ&v=APEucNUyTR6M9tlUJED5JHzYhcZLN-IiXJxO9JjtLse-QL5R5GZLh4YR0BGGw0OrrfuLp_sDevfkSmoxareMetW0XOx7X4JV4w
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 19AD 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BS3X4cb9cyEJqhmwToO77DeVAnHNzWGtholGploxFKHTmqgf3SslxtIskW_XQmKYzguWqFzpT6ijdpFKthAOLcbhH28w&cry=1&dbm_d=AKAmf-A5dpLcPBNxg8pHQ83WagGB7y4MZ0d_hsFHyme7_pFCrYGVAiEpc8XpKJPkTVu2hyTBBO1buiZaM4IUEb2yOizHZsTxHZDSgT1WPs430ReE5Tjjv2YwHJVlsqyYYCa6-dJAObxUGFejoYK2BfNDZetaUHGxXb8I9VGu8OZUJQ-Jux_8xmYK7zeLkz6j-zQ3e6XrMww9bQN8I6lT6wEVDAhOcgCC2ePksEeDUJjSiJiWQqphcFBjIr_J-oua0zbCXvscLZDhYgInlJ1CrZcNdcO1XhU0yxWhmrhVnS2IhgWuiq0xVHhmUGq03lEOjTzJWQOdVDSE-7lcyY1uhLe3JvfdVKqh-NwyKPmz6n_BgFtAamA-omEkq5XiU-N5vHTtm3zRbNYgrLcsD4DMFK4OynpShwuhCVIlZE7zB96QjS9i0b1ag6-Kx3vIVSAkNMHt97CdZ8ojw_cGjKm6onrsVMdXLOZNEIE_HWVV4ugI0vRziZtP6DzSxahloDuBjzoq2sTOzTR4Bd7Wlku0Li9ofwteS328dFBioKef4ryaxOkHU3yWutzJwnh8InMhdK2srZqYUpMeIWmmvg9kQMfWBkx24q_3ELge3CnoBp-BoVa1Nb_hbLa9PTXQkyTYABYgvNPiJvm9Njc3hGaa-c4K7tHxnXvdtprsQQ9VbZeIfv623uoh_fgOeRCL-ttAfH7FM-GLS3vYUm4CX5zgs9lleksIvV3BUh_irJBMvayHjThx8Rms_cAVO8jrO6_9JJ3_hb7My3w0TxW1mB4frs9_6MRC3WCLg2noY8E-X5n5U9byVVh1Jf1cD14BCrn7DoxSgdzClehccDKD0oZMgOKa-PBnZYrOndU9Vn2-YDmNRkADuRuag5FNfo1H_WvMwoXSKwtnzkzzoZXf4ZxeN4BultIPmiaXQoU4tn8kYwAu9fvgbni1Z_SYBkTzv-IRWNg5DG8Eu_RN5StjXczwCORGmg6U_3k-b5lqjrq0tkW-tLXmPicT3lrc4VT5rA42MFKWhRdOmp1xBp2ehKDOsCjHnIzi2jo6Tyt1baWvmdyJYMIzQt_QGqTmFIC3y9DSl_udfavECLyicoz-SrIX5BZjuepxEq2ShAAk8KKs2AQntFHK6JS5YzFSYOcGtutVOlPo-JCc9paJFsXEwYVyiRUpgYxRpQrGeyUaZ7dwARR92yUmDlqSqqiKjf9-x2qTNw9rOlSgYbqAwt900dKQAuWZRuV5iX1RjDsQThEw-NHaHY4AC6bVUGA9bMcv4sneL9Ld9ikgSCEwy9CGcsuDY6hqGUXu2VfUaNaMe7OBnfsCtfuRhQjripLkDGwLgz0sSZ9UHDgK7wpoPJQ9oxg3nitW08vqtoMnbTwwjbLEKdP9N8rDcTreodZeigq4CWngd2qvL5pwRB0jQ8niwT42L1OyRnXQWfN3ra_pfhQyQ90OqeNvM_j3UL4HFI6CBhn0ATYFTJaCMrz9ANUWFSSRTdV25cu-ufKwcxAnLwDbjTl5Z_yeqrPpxz19OHE80_wwXPfhDPvzV2uQnHwo3Fi9KejT7wP57JDB1_DPl5ribq3jokIFzn99U7vk42eSKuPc7KlydkfFY64PfYbvLobchBooyJxxsWCzZAKu1U31DzjcD_iKM5C40mesgUhQjfaJa1JAYR0okgcC6cZa_5dgVDvXz-lxHiuYEjqSx8-VMmxoYBDgkoOIIjKXijTws6YNoXD94aFV1SR0L9DrLZVXUh5_4vKuRNNOOrIsAM0TUjDvgl3DR26OWLWo8jQBxYA_ziiOmCKWwnGMQ4js-v1tErEv-hrPfvi3hwOCT9ai7ncffdMlk_tzepp17AY8lagZKh86EB-G-aCOfTcakTgjtK4DMcTL9SR3CWFg3-DZFDUrUAE4t-0Ozlmd_CwRdxzo411oX8HynetZ7o9LWj6CgILw5zKnn5QQtm746wJs_dRFHuTp-d2qv4sCaKgAnKVk2hxQx2rg3QQ1ciaqeKXlw3MJNevMOblsS6geg3gktolfy2IAdr6t8_p8X3Fqj_-duauTZ__n90R1ug65ZEzO1wNHKK-5k2Y5KAFrhdOsomjitq3v6JSpLuw9HcY1lKWnIN1_JE7B9O4rdyLrHqrmh06fGGLEMABsQ4Rj6_XEVLuqEddEoYKIea1XQzOjJ5o9M3wVeaD91f40mDAn0SfwiWnS9Q2b17O5vQoZpaBeH7zApXSMg2R6BtfpJ63l8JpSivy45EDnrZO1wXx119kOmekbbKC-MBi6rj-x_9kMroKDnSM1oXE4IdKa60PKjUruWSU_s7lzN1XSZdjy1a-mzAlYTfp5z88Rf76stsREZczdiAp0lJGXd6Lrj5fhirWg_XBnU5dXAeo3o1lhXVLLWpUiY1Sr_63dwJaod4tqyi_J3oAALpmydO6RJufCZQV2LiIpUYGMjERZI59yVxYkO3D_jyVc4P66w2iKV5q2y6B97PPnxHhgOGDv4nULQKOuq5_M5-7lmlQPIquxMxti8LU0fW5CgA_2yAX1bDGAWaHrd3S4PY0iuh-LRKn78-MANGtN--M7Fpgf3_deUPjI3NyV9e2GXHitZliR-pLAeZWjKbLEIUNSYB6tKiTOp_yYRoZ3lfbaS7tfbiPUm8BBGKtn2xnQwXp6xwVD5WzQrvJrvRdLmrJKllOg7DH4P6-ADwXSOmueeGlRgNhpgeOl9AWmx-O2kueJxXQut1N4nYIwIAdNLCYcDlhrwgRclyZdI1g6sgzSRilNG0_uHFu_y4gO1P3DwbvuxcRH1bkQro4D1zTeGC4ydblFVqrENtA6WLdfdg1l0EWFUXB87188jsvDXHJndXoS05x7gl09GL2bwSw1Xx_y2LIV2Uka8gR0KfEuZKKylYmsrSwA6giIA4Oh44C63KmkoGF5fqO1Ruj7JjlA2u7whzXxeNZ8ARK9O8QlQgVYYEnBfxGk81o57GuCqIYxwPsM9HWqupMaiczhDggb9fzz-F9CBioZZrQNonuZC6D9Epwc8noQDQ0KTMmM7znATDv9wgORedQTtg6wYpKCOKDDg7xG3e9zyCGvrz8EeUVFH01_X6QjBpU7Potl40_afK-qGDZgPxtV4GElT26lqakTXPHWpV2gsj3mkTk_WAoWMskwSkFFmEFYd9CbB0VY_OWw_f2MhFDF9B3dq_WxkGAYuTc&cid=CAASJeRoMIpClX8aiejnfBiSCL_vJWaS4PAdURHtQno8OfIIDcZEFB0&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de84a77891a31a88fb07bc753ac2a3900f1928f4d4bc449a7564ba8a41927d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34532
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 19AD 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9ofzhi87xjurKa0QuM6Q4DeG8haFXAvFknwlE1QZ-w8lz6_3-AcvG7WvUoc5RZSLA14-bTtP95FqnZBunkhWBrDclgtgjIr2F3Mgzx0RGdviMyDg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 19AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19AD 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 19AD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 19AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsrqboFPhafxH0kAbKexmx9jkiueuzeJfcdGHT3bsPhKSTPllOrbwy_HdWJvt6VXtGDwZkjtT7bkkJyg67fDBnNKWetg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame F095
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=krem.com&sn=ChromeSyncframe&so=0&topUrl=www.krem.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Zwc4jHxBaTNaVGJTbHZkV3Q4WlNvalhzZkNsYzIxVXNCcG1wNTRUYkd1aStyZzlDOHpaV1pzQU1UTjZOOFQ2VWpub0NtLzJFaWxFdXk4emNQWGRRUllDTkpLS3luTms4cnFWY01zV2JRZXNoS3gwbnRJSXZnVERMVStpcz...
439 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Zwc4jHxBaTNaVGJTbHZkV3Q4WlNvalhzZkNsYzIxVXNCcG1wNTRUYkd1aStyZzlDOHpaV1pzQU1UTjZOOFQ2VWpub0NtLzJFaWxFdXk4emNQWGRRUllDTkpLS3luTms4cnFWY01zV2JRZXNoS3gwbnRJSXZnVERMVStpczZmMkhQWTdWbjZ5UytGZXpmRkh1YTNuL0RUZCt6dnBObDZOeTB5MGNPWmZ2TkNqWWNGcHdNSnF2djhDK3Y2Yll5akFSSG9KaVY3a1E5UHZKazlhYUJVLy9DdmNURDA0U09oZWRPdUJGaXpsWmhzTFJEQVczZTE5OFBjNkZqdTBCYTNKRTNzdXovSi9yaXJwYUgxeUw0aVZTQUlmNU5xQT09fA&cppv=2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0b25d2365d56e3ef3366a047d66648ffd645ddd91b3cd78d7d15ec2187b6edf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1125019
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=Zwc4jHxBaTNaVGJTbHZkV3Q4WlNvalhzZkNsYzIxVXNCcG1wNTRUYkd1aStyZzlDOHpaV1pzQU1UTjZOOFQ2VWpub0NtLzJFaWxFdXk4emNQWGRRUllDTkpLS3luTms4cnFWY01zV2JRZXNoS3gwbnRJSXZnVERMVStpczZmMkhQWTdWbjZ5UytGZXpmRkh1YTNuL0RUZCt6dnBObDZOeTB5MGNPWmZ2TkNqWWNGcHdNSnF2djhDK3Y2Yll5akFSSG9KaVY3a1E5UHZKazlhYUJVLy9DdmNURDA0U09oZWRPdUJGaXpsWmhzTFJEQVczZTE5OFBjNkZqdTBCYTNKRTNzdXovSi9yaXJwYUgxeUw0aVZTQUlmNU5xQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
378292
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 88CA 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6173d6f54fba912266ad51fd3664d5729e638c7fbbfb4ffca36b2e06905855b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21935
content-type
text/html; charset=UTF-8
content-length
9379
expires
Tue, 13 Sep 2022 03:43:07 GMT
ecm3
s.amazon-adsystem.com/ Frame 75A2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=fe56eba7-8652-4c50-9f65-7637d633134a
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
X0G0QEHTEWJWNF53H9SP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 75A2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
/
match.sharethrough.com/jwumXNuB_CMA/v1/ Frame 75A2 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

location
date
Mon, 12 Sep 2022 21:37:32 GMT
content-length
0
v1
match.sharethrough.com/sync/ Frame 75A2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 75A2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.201.85.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-85-55.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L7ZAD86L-U-LLYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4C8E 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfHIxD_1ewBGIizmdABMAE&v=APEucNW1Ln_WNkBMFz-TbnK1izL9JQbkgSlOd2Xyz6lIrkmlvYQCrwnm-y3F6Jdh-YvtOkJBUrTlry1OkCD-u_34vOxHDd3cog
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4621 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOHKcilpbWwMAs2-k1YWtCCejYaXm93SLDB2Jqf4_FkgasotPHzt5pmX7Yp_ZVS1GhYaEWxWfuGi1eMtMGxBnG8CgWYQ&cry=1&dbm_d=AKAmf-DbuwgM2rSkwCBtd1jiQc9lhD0CECPv-gQSl-QGa6eG2dpo1wJg1Y5VmG7BarduffiS0D78Zl9kC-Hnwec8IjOjhbDOTfK-Ka10YBFkbCSuDc7qKBpgiUS369o7O85Fo70Np1A6fgCHPudS5TEuZE3zX4l00VVGG4b42KU4caORvnQVknoyHmhBqAOMlbBoYYqsP5pd9OTxebi9zPchBn97lNYsVNTjRUALUVe0DJACF_wO5NlTUPO_cP9TXsWJz5LK6OOfEBqb9UMI7hzlApZHBSZ7hNqKpNT6c_EhT1MKJ8ebj-a_XpsYo_FuXBi-PHcRJK3zYCfquVTnV9tJ-5vtMsLaUUjZqbSyp_NZeMvRSVg3NXaEZzZnZdPZFPPy2VmB2JQPkcNYjKsv0xurmG1vp18sp2YTjFuWXzn_9blfg8YfKPU-rstatcZ-dytRRiJVpDgxUNmISWShyk3bHyUol1ui-L9Jtih29WIXZtG93ht6RQ1dEaM4-3upd5R9h4appncyL3XEXxZH1CqxjvfnMzHdHRiggsqK3gNcOVTroPJfioDUe7J-ITzX_onsGpi49q3keEmR0VIsAcA_D_EK7uyrK0GZMCDkrnwAjF5t1LwcklwbE-Yaaei4Jx8f00F8oroZVYYWgAXv7p_ntgJVuHp0ZZNYSsScywnLfxRZtKY_aUKEXaHSZd_QsaW26P-A-Tqnl2uMP4jnZYu9Ud78q-PWf91mDJbulOjIR92tcSv8gUUcwvGn6-ierO5e7NU3b84qSOTfdy_HyKAuCb7IY-bTraVMsTNjgGG7fHxCpgjIr8Sxz9gzX3Y9Frsq7vLIri6IcExR22V6lpmDyDLu9xdITLtmVdgKLUICB98PyYMF1411XwtZXE_e0UnOWj8nCgvlA3nxGm4-40RpzkP3rz96M37gYmxiKv-AFfKeTDLh0h0dbkApuBL0_ZfumuunP-vW9Y0E2r11MDRzujybtx7xIGBrDcU0h34Y9dmrYewiV5cWOEoQY67CwijkTiJDhI-N0Z0HozDhiq5XiUKyZFnypnSfCbfkC6Kk1jCPTUGS-bZMvBxTInZj1cBT2GJ8sqa1_Wg3CNKiNDYsrNtpKzG6yXAY3mdq4UbaI3CMO2nVP71fWG1a0hgqPhOWwcL7-mM2e2MlQa1Cr__3wxZMuRKxF5cdLt2WwkBd2KWgqPbf6HQT43ooqQBlY5pktZHyWeZsHAOEBNfTH_ffqPO7XRBOCfZtPz6ZAlploTJXisuvUQaGi8efdMUTzVnWacUA25W-mVLX1Pj64Pp-CluwjENfxOZTcP_4RlrW061cxldkkDvH2lA4Q1NEYubyOl6GNS7I4AunDp5DT8XLMFJqKmosJk0Qvmuk1A5UFAeoPO44-njU7AjZblFlkNbVc4-cWrRqjmstQIeSrxXUCVCdRwC8Fget7x4DHpueQXenIiuuf-71mlMuKaFrLq0n6tfxFxV7Oo17sWAQ_umMWFq2Qlikn_EfPIklT638IeK5LSWmtt6iGR5FnnI96HQjyQU_r6bSPFSRxK_6_TWnoXjYip6EAzir_Q6TbSXaCMqImgK-41e9EEbLoxFm3CQ4TuyB4oBYnhG27eGrFQklNe-V9FkEfT4SI7el3bfuYeXrSlE_1g0orby4ENewwmUbW8gy7HVV2gLHVGqVvo45uMwNBDbNrzlnGWucV2_ktRA04d9-Xq7-uhOhSlQO4GC7Lh9bHd9n37IwhcInE-Fda2sKjw0_xrEZztbDJtkH-2gezvcAlyOOvCznHrVG7lZ5ZU0E1yTRHv3KtsosPAYWkq4mXkiML7lMdT_Vg91zMoDvEmftY5DXA1KTE_gp46jE0kWzOTQZ1rkisg71lrNhjaHdHAC4TfI3427Kx6cyrWL9LI2KmHI1QvZL9Bd1JMgxhM3fA0Z4w_vi9Jdt_VULoSRcER3lLbF2NfbG9sYiteN1e77bOoI5iYMCLD2S8pQhlpL91g4CxzNI2r05p-9hjtF_F228pqq725pwgHroFYNkwnIuTl3yOfaQ1sDu4QBF7nEbxPE5Lz3V2kiPwG_Q193TKuhw63fml10n4L5FAzK720Gm0dJy9HCUxEIocuXGcBgvXhEYKoH_1CfTpPLv09AkhdxZFpulO0sWSM7lqBzWs9zqsEluamOW76ASQ4mAcbILUgFRR5AspV4pky9ktGXV5Qjc5iPMCQrXaOOx7aK9uhdngMYr0rHw8idy3JpPv_2YDRDksAwx8OiUYUyAVqEmn3i9jIvGWW0s_qOD3b_jiZRMkRn-KIiuMfUQyKXBbQvARPxWRjVryJsms6aoqH1C27FF4QJ1ukMgvmdFdrHnelK1i9NRBVKRzu4k7c5r7WP0v88TEaXCjCdXJzdKGJqY67iItLhjJ8yf42JNp30Aj3H4pjzMsYge2z_DtkUhUfn9e4L1pk4BytChLxQnD3zuqU-4De6ookIJFrPEDNruexm9rtK0pPfOCItPysQJTpqSRb8sQs1aIeS5YpQlZaOSke2HU9WrapMuGQTfIeBoWHvcZLNG_zT18BC3sI5TAzBj4uGMa-cxvZKx4xyRuB4quF5thCR888iU9pWEpQg_fdGetKfVyUbrnfg_ZmhdPeNhyCSSWvETOp33LTKThPZ8NstGbhKs14Pkeyv5KBdSdxVFgifxxj-uA351f9rcCx6bOOH2LDx-YXZSlQ2IwM8KxKtxkYIEAWq34NU7FI51nku5CtcgpvPrbzHicn7sXdJvsz08thMBFkfLKyYmMnl4JQtZnyx_v5DbjKqZqwIAKkW0Ynnpe4OTr7YH4hUbsWUdMxDnIYqKUQpL9lnbfIGk22Y7SfDZ13kW-nG7DbDDn1-QFW39EO78EUASxWI2OsF1zfCCx4WaBCAY3Tl-dWAUdyunEZBBbPYKlKqXk_lg3vLDKa5IKPc21xFwLn4-lN23hTsaMA3NsTcVz9M6qCrmSYoGmOpxM4CnfemDARhYxIsoFfsdhll65hD2usensIh-GtdbITJOEfB-Gr7a0IajW6aOAmEYEEwQgZxdU2GjMyWzJZwQgnM55JL-qeo7qbXk7Nhcx7XAgGd8gBnIXy--3k7lNkGdvf4ThwDk1dHD4FdQlQzNe0Wm5ExPBar-KZrV22--HfZ-lpX0S_THlaUMMtG2myCSlEswuaPc7O8ffOXEZFUk2YtiSU6vk3paCnCwZr-4FkdrP1SF7WNlpS3twS0iETUV1kv9JndD4edxGRMItsyX8jI4MiVuU63tgpM1arXu&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
386e08926e85388128306dc6f745a0fbe176538d2f7706701ba482d36330372a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33015
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4621 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsfCTBzlfK98PkxpSPhY7ip7VhKpOsmWdOF9P5vo1gPY_t3NrvSZGqtcXqlccx1KHa7DJOsR1j-Ges-hdk862OTyAR2EBIcFbZ53xyvd9OfbCTwfM
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4621 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4621 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4621 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 4621 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9iwGrcMncltMJLb1TWa_18ZQhZy6ItR2cuMzVpskZ5RM5jwODZBVJjqtQaRfSzhQ9Fmb5x0b8uzHecKCtw02W3pDHFw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
22571
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12831-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663018652.468332,VS0,VE0
date
Mon, 12 Sep 2022 21:37:32 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
8
x-cache-hits
14498
ecm3
s.amazon-adsystem.com/ Frame 56C8 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=328a56c3-afa2-c215-24b4-3e4667828e02
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
1ZKKNBG4SQ2YR9W41VZ6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame 56C8 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663018652.485514,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12822-YUL
fe9b4cfa-23a4-eba6-d56d-aa24f0e688ab
pr-bh.ybp.yahoo.com/sync/openx/ Frame 56C8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/fe9b4cfa-23a4-eba6-d56d-aa24f0e688ab?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 56C8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6a5c2abe-b308-79ef-e4ba-bcd10fb145e2&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=6a5c2abe-b308-79ef-e4ba-bcd10fb145e2&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=6a5c2abe-b308-79ef-e4ba-bcd10fb145e2&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=6a5c2abe-b308-79ef-e4ba-bcd10fb145e2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 56C8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDYzM2Y5NzQtN2E3Zi0yNzRiLWYxNWEtZTY2OGM1NTM4Yjgy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3F72 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=FTkxeLZHR3PtEe5nScqbdRwo&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
0SNNHW5B58D60YC8H25Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3F72 		45 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=FTkxeLZHR3PtEe5nScqbdRwo&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.108.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-108-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Sep 2022 21:37:32 GMT
merge
ce.lijit.com/ Frame 3F72
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=L7ZAD86L-U-LLYM&gdpr=0
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=L7ZAD86L-U-LLYM&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=L7ZAD86L-U-LLYM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
merge
ce.lijit.com/ Frame 3F72
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=QpOyjRWWuohZleLeFpOuiEOSu9hZw-bbRZUMqZQ1
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=QpOyjRWWuohZleLeFpOuiEOSu9hZw-bbRZUMqZQ1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=QpOyjRWWuohZleLeFpOuiEOSu9hZw-bbRZUMqZQ1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 3F72
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FTkxeLZHR3PtEe5nScqbdRwo&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:cde53036af8cde50fd4a619efbd06ce7
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:cde53036af8cde50fd4a619efbd06ce7
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
server
Aorta/20220907.45162f85a
location
https://ce.lijit.com/merge?pid=84&3pid=c:cde53036af8cde50fd4a619efbd06ce7
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
ccc653a9100a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 3F72
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1663018652234&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=0F544501480B4ED1A98BD63E61B44B8D
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=0F544501480B4ED1A98BD63E61B44B8D
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
server
openresty
location
https://ce.lijit.com/merge?pid=2&3pid=0F544501480B4ED1A98BD63E61B44B8D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:32 GMT
crum
dsum-sec.casalemedia.com/ Frame 8370
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6740448256026770921
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6740448256026770921
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f39927a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yE28SrkqppWS7U9hqwdN6MzJVGw5YT68bRgbUALfMNkNyhuEyUClwDq9V5x97tSQX46zeLvS7w8LCQoVzROL%2F4M%2FRkjdmuJbfNa%2ByzZKuW%2Flx%2B2zXTCC%2BaqHgX2vLaBkwYpsDML%2BF0F7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1e9109e2-6fb8-4c8e-925d-2c2be48ef081
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8370 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 8370 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663018653.677614,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12822-YUL
Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8370
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
date
Mon, 12 Sep 2022 21:37:32 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 8370
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3f9a7a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A03A3DQr7hc4Aip9L8%2FwSkv056LJgfuzujrDsa1PPubljzqYvPGDLBxOGZTIFX9qzG5Oxaa8gjHIANzAPLZnkF4571NQcun5coh3%2FelEao1P6zyCBGi0TbnZy1un3InBYzCO1CV8LoMNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678657052&external_user_id=db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 8370
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F544501480B4ED1A98BD63E61B44B8D
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F544501480B4ED1A98BD63E61B44B8D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3d979a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6AaYopKPGSRIamYrWQe2%2BF7%2BQfJDF1e9ebUYh2%2FsuSp4q1%2BFvj9jFRQF85uX%2BgSAVtgtYNsIrpNBobC70BIEtkPLTxeK%2F4ot0eXijuxXAJBgXgJFExxAU690E1ES5eOMylrkhZm7vg6Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F544501480B4ED1A98BD63E61B44B8D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:32 GMT
crum
dsum-sec.casalemedia.com/ Frame 8370
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2TU7GP00AAA3VYLki2w&expiration=1664228252
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2TU7GP00AAA3VYLki2w&expiration=1664228252
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3b94da1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvN7msMXtHyEQ58uZvBGOXnLq0Kd6aBPj06zJnlODjw77%2FnnxWM1zo%2Bjdkv0Cl9P2wx6vdh9i6gopNZmTDxy%2BNieaAnmK%2FFiEm40DWxIyNIMBzfy2MUhezRRBDLmAoMhngOnEjtFWKtU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2TU7GP00AAA3VYLki2w&expiration=1664228252
Date
Mon, 12 Sep 2022 21:37:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
dcm
s.amazon-adsystem.com/ Frame 8370 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Z04PCP3SGN4ZGDCNPNNX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8370 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Yx-mm01KsayL-r-TyKhWBAAAC2sAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
7CWBMDZ7HQJFK934ZDQ7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6740448256026770921
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6740448256026770921
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
085e41eb-7527-44e3-bb84-115dd2e893e6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_18e435fc-de53-4181-ae1e-b0281e1f6b21&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=421d6941-3751-417a-beca-0d44d2588bea&user_group=1&ssp=gumgum2&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://usersync.gumgum.com/usersync?b=bsw&i=840b9800-7fd1-40bd-a695-2bd7ac05ae93
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=840b9800-7fd1-40bd-a695-2bd7ac05ae93
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=840b9800-7fd1-40bd-a695-2bd7ac05ae93
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2048a4f5-3927-4145-6ee3-6f65d92e9181$ip$149.56.153.181
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2048a4f5-3927-4145-6ee3-6f65d92e9181$ip$149.56.153.181
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2048a4f5-3927-4145-6ee3-6f65d92e9181$ip$149.56.153.181
Date
Mon, 12 Sep 2022 21:37:32 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_18e435fc-de53-4181-ae1e-b0281e1f6b21&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=ZTQbFeJQMV3vJfNj1D20&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVNFIULCIZSUUUKNKYZXMSTGJZVDCRBSGA
  • https://usersync.gumgum.com/usersync?b=zem&i=ZTQbFeJQMV3vJfNj1D20
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=ZTQbFeJQMV3vJfNj1D20
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&i=ZTQbFeJQMV3vJfNj1D20
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005&rndcb=1838201642
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93&google_hm=ODQwYjk4MDAtN2ZkMS00MGJkLWE2OTUtMmJkN2FjMDVh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJIkSYVJMjXRfR2CKRg-8Gc&google_cver=1&ssp=adconductor&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93
  • https://sync.1rx.io/usersync/bidswitch/840b9800-7fd1-40bd-a695-2bd7ac05ae93?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Date
Mon, 12 Sep 2022 21:37:33 GMT
Connection
keep-alive
Content-Type
text/html
ETag
RXaa4e4e25838b4a7bb968928038c26e99005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=lC1EXI0aD2CU&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=lC1EXI0aD2CU&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=lC1EXI0aD2CU&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-dd6bdcf45-4zcrl
expires
-1
cookie-sync
sync.outbrain.com/ Frame 4DF1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_18e435fc-de53-4181-ae1e-b0281e1f6b21&obuid=ENC(-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3D-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUs...
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=5B9D3ABC77CC43EB96F43F52A5B43722&obUid=-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=synacor&uid=5B9D3ABC77CC43EB96F43F52A5B43722&obUid=-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
no-cache
X-TraceId
9de8ba42cd9b5532e83489f485d41bf6
Content-Length
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.outbrain.com/cookie-sync?p=synacor&uid=5B9D3ABC77CC43EB96F43F52A5B43722&obUid=-oCewe015N7aiDAz7V8W3JovxW7EmIl68zVoISH-58MHUsAek0onbOUaTu_QnT96
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
280195874
content-length
0
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=9d618ece-9b1d-41b9-83c1-ac3cc7e144a4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=9d618ece-9b1d-41b9-83c1-ac3cc7e144a4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=9d618ece-9b1d-41b9-83c1-ac3cc7e144a4
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-rnLbFv1E2pe6Z7Z9P.AmVBDRCSPIbn_MutNn~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-rnLbFv1E2pe6Z7Z9P.AmVBDRCSPIbn_MutNn~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-rnLbFv1E2pe6Z7Z9P.AmVBDRCSPIbn_MutNn~A
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=2617dbac-cce6-4337-b447-62fc0b76992c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=2617dbac-cce6-4337-b447-62fc0b76992c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=2617dbac-cce6-4337-b447-62fc0b76992c
Date
Mon, 12 Sep 2022 21:37:32 GMT
X-CI-RTID
008e7f50-a7b8-4fdc-9d93-7a8220021619
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=5B9D3ABC77CC43EB96F43F52A5B43722
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=5B9D3ABC77CC43EB96F43F52A5B43722
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=5B9D3ABC77CC43EB96F43F52A5B43722
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
480086773
content-length
0
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_ded8d05cbe0549d4aaea1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_ded8d05cbe0549d4aaea1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_ded8d05cbe0549d4aaea1
date
Mon, 12 Sep 2022 21:37:31 GMT
server
c
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=d74363b1-8cf9-47f7-9dba-f66faa471ed2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=d74363b1-8cf9-47f7-9dba-f66faa471ed2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=d74363b1-8cf9-47f7-9dba-f66faa471ed2
date
Mon, 12 Sep 2022 21:37:32 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 4DF1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2362538231446745451
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2362538231446745451
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2362538231446745451
date
Mon, 12 Sep 2022 21:37:32 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4DF1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_18e435fc-de53-4181-ae1e-b0281e1f6b21
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
0ANFYZR2P5ZTBD8T4DV4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3809 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g5c47e482220f4b99717
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
CKADQ30JMFNVSNNCTXQQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 3809
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZAD86L-U-LLYM
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZAD86L-U-LLYM
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.225.60.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-60-89.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=L7ZAD86L-U-LLYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
sync
sync-pm.ads.yieldmo.com/ Frame 3809
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%...
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D0C65799C-ADAA-4108-A890-30B257FC431D
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0C65799C-ADAA-4108-A890-30B257FC431D
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.210.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-205-140.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=0C65799C-ADAA-4108-A890-30B257FC431D
date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 3809 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2ViMGQ2M2I4ZWZmMjA1ODhiYzY=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 3809
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=7e463e05fee20fce&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAFnXOksiUFIwNgKSJ4AAAAAAA&expiration=1663105052&is_secure=true
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAFnXOksiUFIwNgKSJ4AAAAAAA&expiration=1663105052&is_secure=true
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.225.60.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-60-89.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAFnXOksiUFIwNgKSJ4AAAAAAA&expiration=1663105052&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/v000/ Frame 3809
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=82fc2787-d2df-4446-b5a8-955c797c6821&gdpr=&gdpr_pd=&gdpr_consent=
43 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=82fc2787-d2df-4446-b5a8-955c797c6821&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.225.60.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-60-89.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=82fc2787-d2df-4446-b5a8-955c797c6821&gdpr=&gdpr_pd=&gdpr_consent=
date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame D63A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=L7ZAD86L-U-LLYM
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 68f2eed06d7ecb02b863cacb0da2fc28.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
_qYY71TYbqU5cfHgSmeuP3ysnNSk0dSP5xEBfbo9vX-XYDTfSRUiXQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L7ZAD86L-U-LLYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
rtset
bh.contextweb.com/bh/ Frame 0996
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=V2lfLUo4T0NPWHQ2dGZYQUNoS0dHUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPd-Cw2z8kyP5TWwqyb-Jvk&google_cver=1
49 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPd-Cw2z8kyP5TWwqyb-Jvk&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-dd6bdcf45-4zcrl
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPd-Cw2z8kyP5TWwqyb-Jvk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0996
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=520c3f65e0d10fce&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHJavbwZXOfwNcIrFdAAAAAAA&expiration=1663105052&nuid=&is_secure=true
49 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHJavbwZXOfwNcIrFdAAAAAAA&expiration=1663105052&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-dd6bdcf45-4zcrl
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAHJavbwZXOfwNcIrFdAAAAAAA&expiration=1663105052&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 0996 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=lC1EXI0aD2CU&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
NQ1V1Q9EPE2JEN3ZTKBN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 93A6 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=f1e6158a-1670-4d87-b171-a5aace421b3e&expiration=1670881052
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f3387ca1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymtREG3LL%2Fdc3SJH9TqwAoGEo0CP%2BSEZUzSSq5ehQjWmAL5w13r4gqyuE8NMtDi1NE8U3XuH11%2F0yrKyGKR0zqDH7zeg5FF4qnjMD0Mz0wM2y98h4Nq0TYptK6JOv0u2tu28ca8o5ZecEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
usersync
usersync.gumgum.com/ Frame 0BA1
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Mon, 12 Sep 2022 21:37:33 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F744 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40304
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 66C5 		315 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
315
content-type
text/html; charset=us-ascii
date
Mon, 12 Sep 2022 21:37:32 GMT
server
Microsoft-HTTPAPI/2.0
usersync
usersync.gumgum.com/ Frame AB91
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=3374631f-a69c-4f00-8548-033a1286fef8&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=3374631f-a69c-4f00-8548-033a1286fef8&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
Mon, 12 Sep 2022 21:37:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master iad-pixel-x17 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=3374631f-a69c-4f00-8548-033a1286fef8&gdpr=&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 9D11 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 12 Sep 2022 21:37:32 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12822-YUL
x-timer
S1663018653.677470,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 6D17 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8xOGU0MzVmYy1kZTUzLTQxODEtYWUxZS1iMDI4MWUxZjZiMjE=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 9815
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=emx&i=6740448256026770921brt53451663018651931712bd
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=6740448256026770921brt53451663018651931712bd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Mon, 12 Sep 2022 21:37:32 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=6740448256026770921brt53451663018651931712bd
usersync
usersync.gumgum.com/ Frame F2D4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Yx.mncCo8YMAACrR0IgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Yx.mncCo8YMAACrR0IgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Sep 2022 21:37:33 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Yx.mncCo8YMAACrR0IgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
76
X-SO-Cluster-ID
33
X-SO-HostName
a-ad40026.dc2p.scaleout.jp
X-SO-IP
149.56.153.181
X-SO-Key
Yx.mncCo8YMAACrR0IgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":33,"gdpr":false,"ipv4":"149.56.153.181","key":"Yx.mncCo8YMAACrR0IgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40026"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40026
usersync
usersync.gumgum.com/ Frame C40E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Yx.mm01KsayL.r.TyKhWBAAA%262923
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
749bc8f34cc3cab4-YYZ
content-length
0
date
Mon, 12 Sep 2022 21:37:32 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Yx.mm01KsayL.r.TyKhWBAAA%262923
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9dpBSGHgPSQ66lGxG%2FrNbvaEPqNjeOwjm27QgXzSNIZXPVIWjbAC1%2BGfEhbHOi7UDk4Udz4WonCtTekdbKgpQtrDirTyjj0gijWuToK5koGSRy4ZSvd0KhHscvVnNsVyJDzJhfCHUPmfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 8420
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Qqm1WMvcgGOkNCUxBBU6&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Qqm1WMvcgGOkNCUxBBU6&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:32 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 12 Sep 2022 21:37:32 GMT Mon, 12 Sep 2022 21:37:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Qqm1WMvcgGOkNCUxBBU6&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 78AA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:32 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Sep 2022 21:37:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
rum
dsum-sec.casalemedia.com/ Frame 8C54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y0Na3wAEwAQ&v=APEucNUyTR6M9tlUJED5JHzYhcZLN-IiXJxO9JjtLse-QL5R5GZLh4YR0BGGw0OrrfuLp_sDevfkSmoxareMetW0XOx7X4JV4w
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f409bca1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4SLIhEaFCYgKk%2Fz4k1rfGOVwy45VtUycvM5TFjcqCOvQime6UaA0AjeJshQCEQqebeS3hYQ7FcEGnQh38%2FA%2B0RrxhDFPp5I0Ia%2B%2Bgy1j7Lkr6lz5aZFe6dkKR0hofMIutDqdsQiX1LHYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8C54
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx.mm01KsayL.r.TyKhWBAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y0Na3wAEwAQ&v=APEucNUyTR6M9tlUJED5JHzYhcZLN-IiXJxO9JjtLse-QL5R5GZLh4YR0BGGw0OrrfuLp_sDevfkSmoxareMetW0XOx7X4JV4w
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
749bc8f4cb58a1f8-YYZ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olmEflbAW86bkzR9ccHqnWTHyTjUX8T674ct53vBNccmvVEekb1GTLPN5BLb77peO7HBNBIErKsRAVlxXF%2FkCFJ9apAT80K4KfobBpE626Ayjph78OThFB2mZbbR13vGOfLakVOKfD8u5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyBWb1jswPaKqngALSrtcE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8C54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOt6pDGycuoIsRz2Jxxpzkc&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt6pDGycuoIsRz2Jxxpzkc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y0Na3wAEwAQ&v=APEucNUyTR6M9tlUJED5JHzYhcZLN-IiXJxO9JjtLse-QL5R5GZLh4YR0BGGw0OrrfuLp_sDevfkSmoxareMetW0XOx7X4JV4w
Protocol
HTTP/1.1
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd384b0d-efde-4f8d-a0d4-c81d8e7500aa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt6pDGycuoIsRz2Jxxpzkc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C54
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc0MDQ0ODI1NjAyNjc3MDkyMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc0MDQ0ODI1NjAyNjc3MDkyMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y0Na3wAEwAQ&v=APEucNUyTR6M9tlUJED5JHzYhcZLN-IiXJxO9JjtLse-QL5R5GZLh4YR0BGGw0OrrfuLp_sDevfkSmoxareMetW0XOx7X4JV4w
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3cca2b94-2902-44f8-95cd-6904350f3471
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc0MDQ0ODI1NjAyNjc3MDkyMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 19AD 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 01:29:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Sep 2022 01:29:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 19AD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BS3X4cb9cyEJqhmwToO77DeVAnHNzWGtholGploxFKHTmqgf3SslxtIskW_XQmKYzguWqFzpT6ijdpFKthAOLcbhH28w&cry=1&dbm_d=AKAmf-A5dpLcPBNxg8pHQ83WagGB7y4MZ0d_hsFHyme7_pFCrYGVAiEpc8XpKJPkTVu2hyTBBO1buiZaM4IUEb2yOizHZsTxHZDSgT1WPs430ReE5Tjjv2YwHJVlsqyYYCa6-dJAObxUGFejoYK2BfNDZetaUHGxXb8I9VGu8OZUJQ-Jux_8xmYK7zeLkz6j-zQ3e6XrMww9bQN8I6lT6wEVDAhOcgCC2ePksEeDUJjSiJiWQqphcFBjIr_J-oua0zbCXvscLZDhYgInlJ1CrZcNdcO1XhU0yxWhmrhVnS2IhgWuiq0xVHhmUGq03lEOjTzJWQOdVDSE-7lcyY1uhLe3JvfdVKqh-NwyKPmz6n_BgFtAamA-omEkq5XiU-N5vHTtm3zRbNYgrLcsD4DMFK4OynpShwuhCVIlZE7zB96QjS9i0b1ag6-Kx3vIVSAkNMHt97CdZ8ojw_cGjKm6onrsVMdXLOZNEIE_HWVV4ugI0vRziZtP6DzSxahloDuBjzoq2sTOzTR4Bd7Wlku0Li9ofwteS328dFBioKef4ryaxOkHU3yWutzJwnh8InMhdK2srZqYUpMeIWmmvg9kQMfWBkx24q_3ELge3CnoBp-BoVa1Nb_hbLa9PTXQkyTYABYgvNPiJvm9Njc3hGaa-c4K7tHxnXvdtprsQQ9VbZeIfv623uoh_fgOeRCL-ttAfH7FM-GLS3vYUm4CX5zgs9lleksIvV3BUh_irJBMvayHjThx8Rms_cAVO8jrO6_9JJ3_hb7My3w0TxW1mB4frs9_6MRC3WCLg2noY8E-X5n5U9byVVh1Jf1cD14BCrn7DoxSgdzClehccDKD0oZMgOKa-PBnZYrOndU9Vn2-YDmNRkADuRuag5FNfo1H_WvMwoXSKwtnzkzzoZXf4ZxeN4BultIPmiaXQoU4tn8kYwAu9fvgbni1Z_SYBkTzv-IRWNg5DG8Eu_RN5StjXczwCORGmg6U_3k-b5lqjrq0tkW-tLXmPicT3lrc4VT5rA42MFKWhRdOmp1xBp2ehKDOsCjHnIzi2jo6Tyt1baWvmdyJYMIzQt_QGqTmFIC3y9DSl_udfavECLyicoz-SrIX5BZjuepxEq2ShAAk8KKs2AQntFHK6JS5YzFSYOcGtutVOlPo-JCc9paJFsXEwYVyiRUpgYxRpQrGeyUaZ7dwARR92yUmDlqSqqiKjf9-x2qTNw9rOlSgYbqAwt900dKQAuWZRuV5iX1RjDsQThEw-NHaHY4AC6bVUGA9bMcv4sneL9Ld9ikgSCEwy9CGcsuDY6hqGUXu2VfUaNaMe7OBnfsCtfuRhQjripLkDGwLgz0sSZ9UHDgK7wpoPJQ9oxg3nitW08vqtoMnbTwwjbLEKdP9N8rDcTreodZeigq4CWngd2qvL5pwRB0jQ8niwT42L1OyRnXQWfN3ra_pfhQyQ90OqeNvM_j3UL4HFI6CBhn0ATYFTJaCMrz9ANUWFSSRTdV25cu-ufKwcxAnLwDbjTl5Z_yeqrPpxz19OHE80_wwXPfhDPvzV2uQnHwo3Fi9KejT7wP57JDB1_DPl5ribq3jokIFzn99U7vk42eSKuPc7KlydkfFY64PfYbvLobchBooyJxxsWCzZAKu1U31DzjcD_iKM5C40mesgUhQjfaJa1JAYR0okgcC6cZa_5dgVDvXz-lxHiuYEjqSx8-VMmxoYBDgkoOIIjKXijTws6YNoXD94aFV1SR0L9DrLZVXUh5_4vKuRNNOOrIsAM0TUjDvgl3DR26OWLWo8jQBxYA_ziiOmCKWwnGMQ4js-v1tErEv-hrPfvi3hwOCT9ai7ncffdMlk_tzepp17AY8lagZKh86EB-G-aCOfTcakTgjtK4DMcTL9SR3CWFg3-DZFDUrUAE4t-0Ozlmd_CwRdxzo411oX8HynetZ7o9LWj6CgILw5zKnn5QQtm746wJs_dRFHuTp-d2qv4sCaKgAnKVk2hxQx2rg3QQ1ciaqeKXlw3MJNevMOblsS6geg3gktolfy2IAdr6t8_p8X3Fqj_-duauTZ__n90R1ug65ZEzO1wNHKK-5k2Y5KAFrhdOsomjitq3v6JSpLuw9HcY1lKWnIN1_JE7B9O4rdyLrHqrmh06fGGLEMABsQ4Rj6_XEVLuqEddEoYKIea1XQzOjJ5o9M3wVeaD91f40mDAn0SfwiWnS9Q2b17O5vQoZpaBeH7zApXSMg2R6BtfpJ63l8JpSivy45EDnrZO1wXx119kOmekbbKC-MBi6rj-x_9kMroKDnSM1oXE4IdKa60PKjUruWSU_s7lzN1XSZdjy1a-mzAlYTfp5z88Rf76stsREZczdiAp0lJGXd6Lrj5fhirWg_XBnU5dXAeo3o1lhXVLLWpUiY1Sr_63dwJaod4tqyi_J3oAALpmydO6RJufCZQV2LiIpUYGMjERZI59yVxYkO3D_jyVc4P66w2iKV5q2y6B97PPnxHhgOGDv4nULQKOuq5_M5-7lmlQPIquxMxti8LU0fW5CgA_2yAX1bDGAWaHrd3S4PY0iuh-LRKn78-MANGtN--M7Fpgf3_deUPjI3NyV9e2GXHitZliR-pLAeZWjKbLEIUNSYB6tKiTOp_yYRoZ3lfbaS7tfbiPUm8BBGKtn2xnQwXp6xwVD5WzQrvJrvRdLmrJKllOg7DH4P6-ADwXSOmueeGlRgNhpgeOl9AWmx-O2kueJxXQut1N4nYIwIAdNLCYcDlhrwgRclyZdI1g6sgzSRilNG0_uHFu_y4gO1P3DwbvuxcRH1bkQro4D1zTeGC4ydblFVqrENtA6WLdfdg1l0EWFUXB87188jsvDXHJndXoS05x7gl09GL2bwSw1Xx_y2LIV2Uka8gR0KfEuZKKylYmsrSwA6giIA4Oh44C63KmkoGF5fqO1Ruj7JjlA2u7whzXxeNZ8ARK9O8QlQgVYYEnBfxGk81o57GuCqIYxwPsM9HWqupMaiczhDggb9fzz-F9CBioZZrQNonuZC6D9Epwc8noQDQ0KTMmM7znATDv9wgORedQTtg6wYpKCOKDDg7xG3e9zyCGvrz8EeUVFH01_X6QjBpU7Potl40_afK-qGDZgPxtV4GElT26lqakTXPHWpV2gsj3mkTk_WAoWMskwSkFFmEFYd9CbB0VY_OWw_f2MhFDF9B3dq_WxkGAYuTc&cid=CAASJeRoMIpClX8aiejnfBiSCL_vJWaS4PAdURHtQno8OfIIDcZEFB0&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:35:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 19AD 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BS3X4cb9cyEJqhmwToO77DeVAnHNzWGtholGploxFKHTmqgf3SslxtIskW_XQmKYzguWqFzpT6ijdpFKthAOLcbhH28w&cry=1&dbm_d=AKAmf-A5dpLcPBNxg8pHQ83WagGB7y4MZ0d_hsFHyme7_pFCrYGVAiEpc8XpKJPkTVu2hyTBBO1buiZaM4IUEb2yOizHZsTxHZDSgT1WPs430ReE5Tjjv2YwHJVlsqyYYCa6-dJAObxUGFejoYK2BfNDZetaUHGxXb8I9VGu8OZUJQ-Jux_8xmYK7zeLkz6j-zQ3e6XrMww9bQN8I6lT6wEVDAhOcgCC2ePksEeDUJjSiJiWQqphcFBjIr_J-oua0zbCXvscLZDhYgInlJ1CrZcNdcO1XhU0yxWhmrhVnS2IhgWuiq0xVHhmUGq03lEOjTzJWQOdVDSE-7lcyY1uhLe3JvfdVKqh-NwyKPmz6n_BgFtAamA-omEkq5XiU-N5vHTtm3zRbNYgrLcsD4DMFK4OynpShwuhCVIlZE7zB96QjS9i0b1ag6-Kx3vIVSAkNMHt97CdZ8ojw_cGjKm6onrsVMdXLOZNEIE_HWVV4ugI0vRziZtP6DzSxahloDuBjzoq2sTOzTR4Bd7Wlku0Li9ofwteS328dFBioKef4ryaxOkHU3yWutzJwnh8InMhdK2srZqYUpMeIWmmvg9kQMfWBkx24q_3ELge3CnoBp-BoVa1Nb_hbLa9PTXQkyTYABYgvNPiJvm9Njc3hGaa-c4K7tHxnXvdtprsQQ9VbZeIfv623uoh_fgOeRCL-ttAfH7FM-GLS3vYUm4CX5zgs9lleksIvV3BUh_irJBMvayHjThx8Rms_cAVO8jrO6_9JJ3_hb7My3w0TxW1mB4frs9_6MRC3WCLg2noY8E-X5n5U9byVVh1Jf1cD14BCrn7DoxSgdzClehccDKD0oZMgOKa-PBnZYrOndU9Vn2-YDmNRkADuRuag5FNfo1H_WvMwoXSKwtnzkzzoZXf4ZxeN4BultIPmiaXQoU4tn8kYwAu9fvgbni1Z_SYBkTzv-IRWNg5DG8Eu_RN5StjXczwCORGmg6U_3k-b5lqjrq0tkW-tLXmPicT3lrc4VT5rA42MFKWhRdOmp1xBp2ehKDOsCjHnIzi2jo6Tyt1baWvmdyJYMIzQt_QGqTmFIC3y9DSl_udfavECLyicoz-SrIX5BZjuepxEq2ShAAk8KKs2AQntFHK6JS5YzFSYOcGtutVOlPo-JCc9paJFsXEwYVyiRUpgYxRpQrGeyUaZ7dwARR92yUmDlqSqqiKjf9-x2qTNw9rOlSgYbqAwt900dKQAuWZRuV5iX1RjDsQThEw-NHaHY4AC6bVUGA9bMcv4sneL9Ld9ikgSCEwy9CGcsuDY6hqGUXu2VfUaNaMe7OBnfsCtfuRhQjripLkDGwLgz0sSZ9UHDgK7wpoPJQ9oxg3nitW08vqtoMnbTwwjbLEKdP9N8rDcTreodZeigq4CWngd2qvL5pwRB0jQ8niwT42L1OyRnXQWfN3ra_pfhQyQ90OqeNvM_j3UL4HFI6CBhn0ATYFTJaCMrz9ANUWFSSRTdV25cu-ufKwcxAnLwDbjTl5Z_yeqrPpxz19OHE80_wwXPfhDPvzV2uQnHwo3Fi9KejT7wP57JDB1_DPl5ribq3jokIFzn99U7vk42eSKuPc7KlydkfFY64PfYbvLobchBooyJxxsWCzZAKu1U31DzjcD_iKM5C40mesgUhQjfaJa1JAYR0okgcC6cZa_5dgVDvXz-lxHiuYEjqSx8-VMmxoYBDgkoOIIjKXijTws6YNoXD94aFV1SR0L9DrLZVXUh5_4vKuRNNOOrIsAM0TUjDvgl3DR26OWLWo8jQBxYA_ziiOmCKWwnGMQ4js-v1tErEv-hrPfvi3hwOCT9ai7ncffdMlk_tzepp17AY8lagZKh86EB-G-aCOfTcakTgjtK4DMcTL9SR3CWFg3-DZFDUrUAE4t-0Ozlmd_CwRdxzo411oX8HynetZ7o9LWj6CgILw5zKnn5QQtm746wJs_dRFHuTp-d2qv4sCaKgAnKVk2hxQx2rg3QQ1ciaqeKXlw3MJNevMOblsS6geg3gktolfy2IAdr6t8_p8X3Fqj_-duauTZ__n90R1ug65ZEzO1wNHKK-5k2Y5KAFrhdOsomjitq3v6JSpLuw9HcY1lKWnIN1_JE7B9O4rdyLrHqrmh06fGGLEMABsQ4Rj6_XEVLuqEddEoYKIea1XQzOjJ5o9M3wVeaD91f40mDAn0SfwiWnS9Q2b17O5vQoZpaBeH7zApXSMg2R6BtfpJ63l8JpSivy45EDnrZO1wXx119kOmekbbKC-MBi6rj-x_9kMroKDnSM1oXE4IdKa60PKjUruWSU_s7lzN1XSZdjy1a-mzAlYTfp5z88Rf76stsREZczdiAp0lJGXd6Lrj5fhirWg_XBnU5dXAeo3o1lhXVLLWpUiY1Sr_63dwJaod4tqyi_J3oAALpmydO6RJufCZQV2LiIpUYGMjERZI59yVxYkO3D_jyVc4P66w2iKV5q2y6B97PPnxHhgOGDv4nULQKOuq5_M5-7lmlQPIquxMxti8LU0fW5CgA_2yAX1bDGAWaHrd3S4PY0iuh-LRKn78-MANGtN--M7Fpgf3_deUPjI3NyV9e2GXHitZliR-pLAeZWjKbLEIUNSYB6tKiTOp_yYRoZ3lfbaS7tfbiPUm8BBGKtn2xnQwXp6xwVD5WzQrvJrvRdLmrJKllOg7DH4P6-ADwXSOmueeGlRgNhpgeOl9AWmx-O2kueJxXQut1N4nYIwIAdNLCYcDlhrwgRclyZdI1g6sgzSRilNG0_uHFu_y4gO1P3DwbvuxcRH1bkQro4D1zTeGC4ydblFVqrENtA6WLdfdg1l0EWFUXB87188jsvDXHJndXoS05x7gl09GL2bwSw1Xx_y2LIV2Uka8gR0KfEuZKKylYmsrSwA6giIA4Oh44C63KmkoGF5fqO1Ruj7JjlA2u7whzXxeNZ8ARK9O8QlQgVYYEnBfxGk81o57GuCqIYxwPsM9HWqupMaiczhDggb9fzz-F9CBioZZrQNonuZC6D9Epwc8noQDQ0KTMmM7znATDv9wgORedQTtg6wYpKCOKDDg7xG3e9zyCGvrz8EeUVFH01_X6QjBpU7Potl40_afK-qGDZgPxtV4GElT26lqakTXPHWpV2gsj3mkTk_WAoWMskwSkFFmEFYd9CbB0VY_OWw_f2MhFDF9B3dq_WxkGAYuTc&cid=CAASJeRoMIpClX8aiejnfBiSCL_vJWaS4PAdURHtQno8OfIIDcZEFB0&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:38 GMT
brid.min.js
services.brid.tv/player/build/ Frame E7CB 		313 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.brid.tv/player/build/brid.min.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-121.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad012cc891e44b578484fe9ccd9648a0866ca88f7b4d532d74a0af52f16d266e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:25:28 GMT
content-encoding
br
last-modified
Thu, 08 Sep 2022 09:56:02 GMT
server
AmazonS3
age
724
etag
W/"1344599cba91587bd42d4ac9604c5c63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
cache-control
max-age=1200, public
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
hN0VIa870Hd4cibqbqCojql3cPi3IVbiZNr2pDAwsjulwfoJiGy8EQ==
sd
us-u.openx.net/w/1.0/ Frame 4C8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfHIxD_1ewBGIizmdABMAE&v=APEucNW1Ln_WNkBMFz-TbnK1izL9JQbkgSlOd2Xyz6lIrkmlvYQCrwnm-y3F6Jdh-YvtOkJBUrTlry1OkCD-u_34vOxHDd3cog
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE5tmYh6Za-GYoWkJNkJXVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C8E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDYzM2Y5NzQtN2E3Zi0yNzRiLWYxNWEtZTY2OGM1NTM4Yjgy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDYzM2Y5NzQtN2E3Zi0yNzRiLWYxNWEtZTY2OGM1NTM4Yjgy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfHIxD_1ewBGIizmdABMAE&v=APEucNW1Ln_WNkBMFz-TbnK1izL9JQbkgSlOd2Xyz6lIrkmlvYQCrwnm-y3F6Jdh-YvtOkJBUrTlry1OkCD-u_34vOxHDd3cog
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDYzM2Y5NzQtN2E3Zi0yNzRiLWYxNWEtZTY2OGM1NTM4Yjgy
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 4C8E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPkEFG1D0E00PTLkqxGduvM&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPkEFG1D0E00PTLkqxGduvM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfHIxD_1ewBGIizmdABMAE&v=APEucNW1Ln_WNkBMFz-TbnK1izL9JQbkgSlOd2Xyz6lIrkmlvYQCrwnm-y3F6Jdh-YvtOkJBUrTlry1OkCD-u_34vOxHDd3cog
Protocol
H2
Server
23.205.56.163 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-56-163.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 12 Sep 2022 21:37:32 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEPkEFG1D0E00PTLkqxGduvM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C8E
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ1YWQ0NmYtMTBjOS00N2QyLWIxODctMWNjZjA5NjAyMzNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ1YWQ0NmYtMTBjOS00N2QyLWIxODctMWNjZjA5NjAyMzNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfHIxD_1ewBGIizmdABMAE&v=APEucNW1Ln_WNkBMFz-TbnK1izL9JQbkgSlOd2Xyz6lIrkmlvYQCrwnm-y3F6Jdh-YvtOkJBUrTlry1OkCD-u_34vOxHDd3cog
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ1YWQ0NmYtMTBjOS00N2QyLWIxODctMWNjZjA5NjAyMzNl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 12 Sep 2022 21:37:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 4621 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOHKcilpbWwMAs2-k1YWtCCejYaXm93SLDB2Jqf4_FkgasotPHzt5pmX7Yp_ZVS1GhYaEWxWfuGi1eMtMGxBnG8CgWYQ&cry=1&dbm_d=AKAmf-DbuwgM2rSkwCBtd1jiQc9lhD0CECPv-gQSl-QGa6eG2dpo1wJg1Y5VmG7BarduffiS0D78Zl9kC-Hnwec8IjOjhbDOTfK-Ka10YBFkbCSuDc7qKBpgiUS369o7O85Fo70Np1A6fgCHPudS5TEuZE3zX4l00VVGG4b42KU4caORvnQVknoyHmhBqAOMlbBoYYqsP5pd9OTxebi9zPchBn97lNYsVNTjRUALUVe0DJACF_wO5NlTUPO_cP9TXsWJz5LK6OOfEBqb9UMI7hzlApZHBSZ7hNqKpNT6c_EhT1MKJ8ebj-a_XpsYo_FuXBi-PHcRJK3zYCfquVTnV9tJ-5vtMsLaUUjZqbSyp_NZeMvRSVg3NXaEZzZnZdPZFPPy2VmB2JQPkcNYjKsv0xurmG1vp18sp2YTjFuWXzn_9blfg8YfKPU-rstatcZ-dytRRiJVpDgxUNmISWShyk3bHyUol1ui-L9Jtih29WIXZtG93ht6RQ1dEaM4-3upd5R9h4appncyL3XEXxZH1CqxjvfnMzHdHRiggsqK3gNcOVTroPJfioDUe7J-ITzX_onsGpi49q3keEmR0VIsAcA_D_EK7uyrK0GZMCDkrnwAjF5t1LwcklwbE-Yaaei4Jx8f00F8oroZVYYWgAXv7p_ntgJVuHp0ZZNYSsScywnLfxRZtKY_aUKEXaHSZd_QsaW26P-A-Tqnl2uMP4jnZYu9Ud78q-PWf91mDJbulOjIR92tcSv8gUUcwvGn6-ierO5e7NU3b84qSOTfdy_HyKAuCb7IY-bTraVMsTNjgGG7fHxCpgjIr8Sxz9gzX3Y9Frsq7vLIri6IcExR22V6lpmDyDLu9xdITLtmVdgKLUICB98PyYMF1411XwtZXE_e0UnOWj8nCgvlA3nxGm4-40RpzkP3rz96M37gYmxiKv-AFfKeTDLh0h0dbkApuBL0_ZfumuunP-vW9Y0E2r11MDRzujybtx7xIGBrDcU0h34Y9dmrYewiV5cWOEoQY67CwijkTiJDhI-N0Z0HozDhiq5XiUKyZFnypnSfCbfkC6Kk1jCPTUGS-bZMvBxTInZj1cBT2GJ8sqa1_Wg3CNKiNDYsrNtpKzG6yXAY3mdq4UbaI3CMO2nVP71fWG1a0hgqPhOWwcL7-mM2e2MlQa1Cr__3wxZMuRKxF5cdLt2WwkBd2KWgqPbf6HQT43ooqQBlY5pktZHyWeZsHAOEBNfTH_ffqPO7XRBOCfZtPz6ZAlploTJXisuvUQaGi8efdMUTzVnWacUA25W-mVLX1Pj64Pp-CluwjENfxOZTcP_4RlrW061cxldkkDvH2lA4Q1NEYubyOl6GNS7I4AunDp5DT8XLMFJqKmosJk0Qvmuk1A5UFAeoPO44-njU7AjZblFlkNbVc4-cWrRqjmstQIeSrxXUCVCdRwC8Fget7x4DHpueQXenIiuuf-71mlMuKaFrLq0n6tfxFxV7Oo17sWAQ_umMWFq2Qlikn_EfPIklT638IeK5LSWmtt6iGR5FnnI96HQjyQU_r6bSPFSRxK_6_TWnoXjYip6EAzir_Q6TbSXaCMqImgK-41e9EEbLoxFm3CQ4TuyB4oBYnhG27eGrFQklNe-V9FkEfT4SI7el3bfuYeXrSlE_1g0orby4ENewwmUbW8gy7HVV2gLHVGqVvo45uMwNBDbNrzlnGWucV2_ktRA04d9-Xq7-uhOhSlQO4GC7Lh9bHd9n37IwhcInE-Fda2sKjw0_xrEZztbDJtkH-2gezvcAlyOOvCznHrVG7lZ5ZU0E1yTRHv3KtsosPAYWkq4mXkiML7lMdT_Vg91zMoDvEmftY5DXA1KTE_gp46jE0kWzOTQZ1rkisg71lrNhjaHdHAC4TfI3427Kx6cyrWL9LI2KmHI1QvZL9Bd1JMgxhM3fA0Z4w_vi9Jdt_VULoSRcER3lLbF2NfbG9sYiteN1e77bOoI5iYMCLD2S8pQhlpL91g4CxzNI2r05p-9hjtF_F228pqq725pwgHroFYNkwnIuTl3yOfaQ1sDu4QBF7nEbxPE5Lz3V2kiPwG_Q193TKuhw63fml10n4L5FAzK720Gm0dJy9HCUxEIocuXGcBgvXhEYKoH_1CfTpPLv09AkhdxZFpulO0sWSM7lqBzWs9zqsEluamOW76ASQ4mAcbILUgFRR5AspV4pky9ktGXV5Qjc5iPMCQrXaOOx7aK9uhdngMYr0rHw8idy3JpPv_2YDRDksAwx8OiUYUyAVqEmn3i9jIvGWW0s_qOD3b_jiZRMkRn-KIiuMfUQyKXBbQvARPxWRjVryJsms6aoqH1C27FF4QJ1ukMgvmdFdrHnelK1i9NRBVKRzu4k7c5r7WP0v88TEaXCjCdXJzdKGJqY67iItLhjJ8yf42JNp30Aj3H4pjzMsYge2z_DtkUhUfn9e4L1pk4BytChLxQnD3zuqU-4De6ookIJFrPEDNruexm9rtK0pPfOCItPysQJTpqSRb8sQs1aIeS5YpQlZaOSke2HU9WrapMuGQTfIeBoWHvcZLNG_zT18BC3sI5TAzBj4uGMa-cxvZKx4xyRuB4quF5thCR888iU9pWEpQg_fdGetKfVyUbrnfg_ZmhdPeNhyCSSWvETOp33LTKThPZ8NstGbhKs14Pkeyv5KBdSdxVFgifxxj-uA351f9rcCx6bOOH2LDx-YXZSlQ2IwM8KxKtxkYIEAWq34NU7FI51nku5CtcgpvPrbzHicn7sXdJvsz08thMBFkfLKyYmMnl4JQtZnyx_v5DbjKqZqwIAKkW0Ynnpe4OTr7YH4hUbsWUdMxDnIYqKUQpL9lnbfIGk22Y7SfDZ13kW-nG7DbDDn1-QFW39EO78EUASxWI2OsF1zfCCx4WaBCAY3Tl-dWAUdyunEZBBbPYKlKqXk_lg3vLDKa5IKPc21xFwLn4-lN23hTsaMA3NsTcVz9M6qCrmSYoGmOpxM4CnfemDARhYxIsoFfsdhll65hD2usensIh-GtdbITJOEfB-Gr7a0IajW6aOAmEYEEwQgZxdU2GjMyWzJZwQgnM55JL-qeo7qbXk7Nhcx7XAgGd8gBnIXy--3k7lNkGdvf4ThwDk1dHD4FdQlQzNe0Wm5ExPBar-KZrV22--HfZ-lpX0S_THlaUMMtG2myCSlEswuaPc7O8ffOXEZFUk2YtiSU6vk3paCnCwZr-4FkdrP1SF7WNlpS3twS0iETUV1kv9JndD4edxGRMItsyX8jI4MiVuU63tgpM1arXu&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 4621 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOHKcilpbWwMAs2-k1YWtCCejYaXm93SLDB2Jqf4_FkgasotPHzt5pmX7Yp_ZVS1GhYaEWxWfuGi1eMtMGxBnG8CgWYQ&cry=1&dbm_d=AKAmf-DbuwgM2rSkwCBtd1jiQc9lhD0CECPv-gQSl-QGa6eG2dpo1wJg1Y5VmG7BarduffiS0D78Zl9kC-Hnwec8IjOjhbDOTfK-Ka10YBFkbCSuDc7qKBpgiUS369o7O85Fo70Np1A6fgCHPudS5TEuZE3zX4l00VVGG4b42KU4caORvnQVknoyHmhBqAOMlbBoYYqsP5pd9OTxebi9zPchBn97lNYsVNTjRUALUVe0DJACF_wO5NlTUPO_cP9TXsWJz5LK6OOfEBqb9UMI7hzlApZHBSZ7hNqKpNT6c_EhT1MKJ8ebj-a_XpsYo_FuXBi-PHcRJK3zYCfquVTnV9tJ-5vtMsLaUUjZqbSyp_NZeMvRSVg3NXaEZzZnZdPZFPPy2VmB2JQPkcNYjKsv0xurmG1vp18sp2YTjFuWXzn_9blfg8YfKPU-rstatcZ-dytRRiJVpDgxUNmISWShyk3bHyUol1ui-L9Jtih29WIXZtG93ht6RQ1dEaM4-3upd5R9h4appncyL3XEXxZH1CqxjvfnMzHdHRiggsqK3gNcOVTroPJfioDUe7J-ITzX_onsGpi49q3keEmR0VIsAcA_D_EK7uyrK0GZMCDkrnwAjF5t1LwcklwbE-Yaaei4Jx8f00F8oroZVYYWgAXv7p_ntgJVuHp0ZZNYSsScywnLfxRZtKY_aUKEXaHSZd_QsaW26P-A-Tqnl2uMP4jnZYu9Ud78q-PWf91mDJbulOjIR92tcSv8gUUcwvGn6-ierO5e7NU3b84qSOTfdy_HyKAuCb7IY-bTraVMsTNjgGG7fHxCpgjIr8Sxz9gzX3Y9Frsq7vLIri6IcExR22V6lpmDyDLu9xdITLtmVdgKLUICB98PyYMF1411XwtZXE_e0UnOWj8nCgvlA3nxGm4-40RpzkP3rz96M37gYmxiKv-AFfKeTDLh0h0dbkApuBL0_ZfumuunP-vW9Y0E2r11MDRzujybtx7xIGBrDcU0h34Y9dmrYewiV5cWOEoQY67CwijkTiJDhI-N0Z0HozDhiq5XiUKyZFnypnSfCbfkC6Kk1jCPTUGS-bZMvBxTInZj1cBT2GJ8sqa1_Wg3CNKiNDYsrNtpKzG6yXAY3mdq4UbaI3CMO2nVP71fWG1a0hgqPhOWwcL7-mM2e2MlQa1Cr__3wxZMuRKxF5cdLt2WwkBd2KWgqPbf6HQT43ooqQBlY5pktZHyWeZsHAOEBNfTH_ffqPO7XRBOCfZtPz6ZAlploTJXisuvUQaGi8efdMUTzVnWacUA25W-mVLX1Pj64Pp-CluwjENfxOZTcP_4RlrW061cxldkkDvH2lA4Q1NEYubyOl6GNS7I4AunDp5DT8XLMFJqKmosJk0Qvmuk1A5UFAeoPO44-njU7AjZblFlkNbVc4-cWrRqjmstQIeSrxXUCVCdRwC8Fget7x4DHpueQXenIiuuf-71mlMuKaFrLq0n6tfxFxV7Oo17sWAQ_umMWFq2Qlikn_EfPIklT638IeK5LSWmtt6iGR5FnnI96HQjyQU_r6bSPFSRxK_6_TWnoXjYip6EAzir_Q6TbSXaCMqImgK-41e9EEbLoxFm3CQ4TuyB4oBYnhG27eGrFQklNe-V9FkEfT4SI7el3bfuYeXrSlE_1g0orby4ENewwmUbW8gy7HVV2gLHVGqVvo45uMwNBDbNrzlnGWucV2_ktRA04d9-Xq7-uhOhSlQO4GC7Lh9bHd9n37IwhcInE-Fda2sKjw0_xrEZztbDJtkH-2gezvcAlyOOvCznHrVG7lZ5ZU0E1yTRHv3KtsosPAYWkq4mXkiML7lMdT_Vg91zMoDvEmftY5DXA1KTE_gp46jE0kWzOTQZ1rkisg71lrNhjaHdHAC4TfI3427Kx6cyrWL9LI2KmHI1QvZL9Bd1JMgxhM3fA0Z4w_vi9Jdt_VULoSRcER3lLbF2NfbG9sYiteN1e77bOoI5iYMCLD2S8pQhlpL91g4CxzNI2r05p-9hjtF_F228pqq725pwgHroFYNkwnIuTl3yOfaQ1sDu4QBF7nEbxPE5Lz3V2kiPwG_Q193TKuhw63fml10n4L5FAzK720Gm0dJy9HCUxEIocuXGcBgvXhEYKoH_1CfTpPLv09AkhdxZFpulO0sWSM7lqBzWs9zqsEluamOW76ASQ4mAcbILUgFRR5AspV4pky9ktGXV5Qjc5iPMCQrXaOOx7aK9uhdngMYr0rHw8idy3JpPv_2YDRDksAwx8OiUYUyAVqEmn3i9jIvGWW0s_qOD3b_jiZRMkRn-KIiuMfUQyKXBbQvARPxWRjVryJsms6aoqH1C27FF4QJ1ukMgvmdFdrHnelK1i9NRBVKRzu4k7c5r7WP0v88TEaXCjCdXJzdKGJqY67iItLhjJ8yf42JNp30Aj3H4pjzMsYge2z_DtkUhUfn9e4L1pk4BytChLxQnD3zuqU-4De6ookIJFrPEDNruexm9rtK0pPfOCItPysQJTpqSRb8sQs1aIeS5YpQlZaOSke2HU9WrapMuGQTfIeBoWHvcZLNG_zT18BC3sI5TAzBj4uGMa-cxvZKx4xyRuB4quF5thCR888iU9pWEpQg_fdGetKfVyUbrnfg_ZmhdPeNhyCSSWvETOp33LTKThPZ8NstGbhKs14Pkeyv5KBdSdxVFgifxxj-uA351f9rcCx6bOOH2LDx-YXZSlQ2IwM8KxKtxkYIEAWq34NU7FI51nku5CtcgpvPrbzHicn7sXdJvsz08thMBFkfLKyYmMnl4JQtZnyx_v5DbjKqZqwIAKkW0Ynnpe4OTr7YH4hUbsWUdMxDnIYqKUQpL9lnbfIGk22Y7SfDZ13kW-nG7DbDDn1-QFW39EO78EUASxWI2OsF1zfCCx4WaBCAY3Tl-dWAUdyunEZBBbPYKlKqXk_lg3vLDKa5IKPc21xFwLn4-lN23hTsaMA3NsTcVz9M6qCrmSYoGmOpxM4CnfemDARhYxIsoFfsdhll65hD2usensIh-GtdbITJOEfB-Gr7a0IajW6aOAmEYEEwQgZxdU2GjMyWzJZwQgnM55JL-qeo7qbXk7Nhcx7XAgGd8gBnIXy--3k7lNkGdvf4ThwDk1dHD4FdQlQzNe0Wm5ExPBar-KZrV22--HfZ-lpX0S_THlaUMMtG2myCSlEswuaPc7O8ffOXEZFUk2YtiSU6vk3paCnCwZr-4FkdrP1SF7WNlpS3twS0iETUV1kv9JndD4edxGRMItsyX8jI4MiVuU63tgpM1arXu&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:35:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4621 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstls-IEwFKRKMRvHLYjeX3h3qQa4sn7xviuABsKkDqEC1gft6vfZH4USEAyaYzbCIdj83naGw4URE4rJGb9oaRzjeCnBos3tKnbwGIqOqZA5vYEjR0q3lk89yRs_Shg0FMNlcY-Hdk9o-zGNiMmbTL1Ay8k8BtX8QcK10_5KEf_p2tgRZtY21W9PCpBmWBBMoGWYAT6mnrEDtYcCi97aHhOuPJLXSmLsGHp06MLBpgIJ9X6SVnDdV1KoBdT0uZDqdnABGAR0HswNfZmZfuk-eyw1iZiasu8JZQBKN4znD5MGOUm1aUw5XskJZVwMIM9R44L2ShPRl8AwFDArYxKV9xNijZR4LR7RID9V1JjoDgLnK4m42fKPPPbKXIjUhDR5mC8BanAMHxSGJLq6JaggkzV3q4Dqfuqw0we4Pq6js7SbFAlhgVzrNLaa3ArEpnskSnlZgZ95aE95y2stiRg8QXN9-pvNSvC3HGGhqQVY_GWzHKv7N3Te8mrZysYB1f50ZVCm9YVSwpurk_KJy0IIeYImQMypF0bR_X5_PWjkQoEM1AiSlvP1Ng0H4htH7-Fsa0fnKC6R9MskSlp5ZnRY2atGTXvE-ZLER16tACnS7N9m6rK_ieRPpeYkffRw7COoeYcj3v1-7zbeWS_CrkRBjiyd6fWdpjpsE_USaiJzI-KsaPSESyE_IpHJaQSUTNCKdkHy5Ak0mD7L8ZVe3v6Ufc09-JHFod0PuREnTeX_nhrZYtEd5poW10Zma3RVX2EqI17O-HakMtvYObXDXt09leCW3rE7wg2k-miLR9oQJ8Dkh96YXaFgawIMZV9mhbkeWiluC2QM79Zl8FYuoWff0c67kj8ElWpuVeD1zsqpHxY7KK487KdEmFnJcH4kt_H2kdVLzamfk-Ucnz2dA6M_-98BJSyY3VHvg8YwpRXmvb2kS1ehxlAIe8muIIAX7KJyICtnWboPmHLQdlXNwjMeTRGRhbdv--n4aVMBgaOyIqfIWJ_9d3Bk0U-jC8R09NbEBxaY8OBO2uqho-f9h0c_ZXRmL0RBS7kMzTMEg0gNCJrqjev0Ap1laARWZnbEG2zIOv-DcmkUpP4A7SYTdRAjzOHCL16uz9eS8mQCj-lRWkCxao_oCIjL1pn0Hep3I_rtB5CH_7nY20wxbhtTQ8p36aJPfThBzZ5VrDXdPIPn4VbefhEiOZoI5d8KYdFcrBqcWaMBQdSvD7p3OVohd6XVJYF6rHatT4LTUS-kE7yJUKbWLYZLVbHJq4T-O-FSPCJOs-u&sai=AMfl-YR8DWjyX2oZxGlvxqJq3DPSC-jN-aB7t5Hrx73t-7CVYN6YNJROzZ7OeZdRp4n7rc7ZSFvnd0T-NCjJOyTe2dbi4xDz688RmtbrUDk01cmkq3NdQza7zKApLFbFaJHb2Mej5FT6ZbouzCwH3_x8YJteY40PDkIqlndbwhK1XoOwRJXUpJvPc5TXAzCRNkW6fOc9oT73M3ApsZjTKP5VpoUllu4Z6Q0FkfqFuXxUSAs_dCFRhA&sig=Cg0ArKJSzH0xAieyvImqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.18445&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOHKcilpbWwMAs2-k1YWtCCejYaXm93SLDB2Jqf4_FkgasotPHzt5pmX7Yp_ZVS1GhYaEWxWfuGi1eMtMGxBnG8CgWYQ&cry=1&dbm_d=AKAmf-DbuwgM2rSkwCBtd1jiQc9lhD0CECPv-gQSl-QGa6eG2dpo1wJg1Y5VmG7BarduffiS0D78Zl9kC-Hnwec8IjOjhbDOTfK-Ka10YBFkbCSuDc7qKBpgiUS369o7O85Fo70Np1A6fgCHPudS5TEuZE3zX4l00VVGG4b42KU4caORvnQVknoyHmhBqAOMlbBoYYqsP5pd9OTxebi9zPchBn97lNYsVNTjRUALUVe0DJACF_wO5NlTUPO_cP9TXsWJz5LK6OOfEBqb9UMI7hzlApZHBSZ7hNqKpNT6c_EhT1MKJ8ebj-a_XpsYo_FuXBi-PHcRJK3zYCfquVTnV9tJ-5vtMsLaUUjZqbSyp_NZeMvRSVg3NXaEZzZnZdPZFPPy2VmB2JQPkcNYjKsv0xurmG1vp18sp2YTjFuWXzn_9blfg8YfKPU-rstatcZ-dytRRiJVpDgxUNmISWShyk3bHyUol1ui-L9Jtih29WIXZtG93ht6RQ1dEaM4-3upd5R9h4appncyL3XEXxZH1CqxjvfnMzHdHRiggsqK3gNcOVTroPJfioDUe7J-ITzX_onsGpi49q3keEmR0VIsAcA_D_EK7uyrK0GZMCDkrnwAjF5t1LwcklwbE-Yaaei4Jx8f00F8oroZVYYWgAXv7p_ntgJVuHp0ZZNYSsScywnLfxRZtKY_aUKEXaHSZd_QsaW26P-A-Tqnl2uMP4jnZYu9Ud78q-PWf91mDJbulOjIR92tcSv8gUUcwvGn6-ierO5e7NU3b84qSOTfdy_HyKAuCb7IY-bTraVMsTNjgGG7fHxCpgjIr8Sxz9gzX3Y9Frsq7vLIri6IcExR22V6lpmDyDLu9xdITLtmVdgKLUICB98PyYMF1411XwtZXE_e0UnOWj8nCgvlA3nxGm4-40RpzkP3rz96M37gYmxiKv-AFfKeTDLh0h0dbkApuBL0_ZfumuunP-vW9Y0E2r11MDRzujybtx7xIGBrDcU0h34Y9dmrYewiV5cWOEoQY67CwijkTiJDhI-N0Z0HozDhiq5XiUKyZFnypnSfCbfkC6Kk1jCPTUGS-bZMvBxTInZj1cBT2GJ8sqa1_Wg3CNKiNDYsrNtpKzG6yXAY3mdq4UbaI3CMO2nVP71fWG1a0hgqPhOWwcL7-mM2e2MlQa1Cr__3wxZMuRKxF5cdLt2WwkBd2KWgqPbf6HQT43ooqQBlY5pktZHyWeZsHAOEBNfTH_ffqPO7XRBOCfZtPz6ZAlploTJXisuvUQaGi8efdMUTzVnWacUA25W-mVLX1Pj64Pp-CluwjENfxOZTcP_4RlrW061cxldkkDvH2lA4Q1NEYubyOl6GNS7I4AunDp5DT8XLMFJqKmosJk0Qvmuk1A5UFAeoPO44-njU7AjZblFlkNbVc4-cWrRqjmstQIeSrxXUCVCdRwC8Fget7x4DHpueQXenIiuuf-71mlMuKaFrLq0n6tfxFxV7Oo17sWAQ_umMWFq2Qlikn_EfPIklT638IeK5LSWmtt6iGR5FnnI96HQjyQU_r6bSPFSRxK_6_TWnoXjYip6EAzir_Q6TbSXaCMqImgK-41e9EEbLoxFm3CQ4TuyB4oBYnhG27eGrFQklNe-V9FkEfT4SI7el3bfuYeXrSlE_1g0orby4ENewwmUbW8gy7HVV2gLHVGqVvo45uMwNBDbNrzlnGWucV2_ktRA04d9-Xq7-uhOhSlQO4GC7Lh9bHd9n37IwhcInE-Fda2sKjw0_xrEZztbDJtkH-2gezvcAlyOOvCznHrVG7lZ5ZU0E1yTRHv3KtsosPAYWkq4mXkiML7lMdT_Vg91zMoDvEmftY5DXA1KTE_gp46jE0kWzOTQZ1rkisg71lrNhjaHdHAC4TfI3427Kx6cyrWL9LI2KmHI1QvZL9Bd1JMgxhM3fA0Z4w_vi9Jdt_VULoSRcER3lLbF2NfbG9sYiteN1e77bOoI5iYMCLD2S8pQhlpL91g4CxzNI2r05p-9hjtF_F228pqq725pwgHroFYNkwnIuTl3yOfaQ1sDu4QBF7nEbxPE5Lz3V2kiPwG_Q193TKuhw63fml10n4L5FAzK720Gm0dJy9HCUxEIocuXGcBgvXhEYKoH_1CfTpPLv09AkhdxZFpulO0sWSM7lqBzWs9zqsEluamOW76ASQ4mAcbILUgFRR5AspV4pky9ktGXV5Qjc5iPMCQrXaOOx7aK9uhdngMYr0rHw8idy3JpPv_2YDRDksAwx8OiUYUyAVqEmn3i9jIvGWW0s_qOD3b_jiZRMkRn-KIiuMfUQyKXBbQvARPxWRjVryJsms6aoqH1C27FF4QJ1ukMgvmdFdrHnelK1i9NRBVKRzu4k7c5r7WP0v88TEaXCjCdXJzdKGJqY67iItLhjJ8yf42JNp30Aj3H4pjzMsYge2z_DtkUhUfn9e4L1pk4BytChLxQnD3zuqU-4De6ookIJFrPEDNruexm9rtK0pPfOCItPysQJTpqSRb8sQs1aIeS5YpQlZaOSke2HU9WrapMuGQTfIeBoWHvcZLNG_zT18BC3sI5TAzBj4uGMa-cxvZKx4xyRuB4quF5thCR888iU9pWEpQg_fdGetKfVyUbrnfg_ZmhdPeNhyCSSWvETOp33LTKThPZ8NstGbhKs14Pkeyv5KBdSdxVFgifxxj-uA351f9rcCx6bOOH2LDx-YXZSlQ2IwM8KxKtxkYIEAWq34NU7FI51nku5CtcgpvPrbzHicn7sXdJvsz08thMBFkfLKyYmMnl4JQtZnyx_v5DbjKqZqwIAKkW0Ynnpe4OTr7YH4hUbsWUdMxDnIYqKUQpL9lnbfIGk22Y7SfDZ13kW-nG7DbDDn1-QFW39EO78EUASxWI2OsF1zfCCx4WaBCAY3Tl-dWAUdyunEZBBbPYKlKqXk_lg3vLDKa5IKPc21xFwLn4-lN23hTsaMA3NsTcVz9M6qCrmSYoGmOpxM4CnfemDARhYxIsoFfsdhll65hD2usensIh-GtdbITJOEfB-Gr7a0IajW6aOAmEYEEwQgZxdU2GjMyWzJZwQgnM55JL-qeo7qbXk7Nhcx7XAgGd8gBnIXy--3k7lNkGdvf4ThwDk1dHD4FdQlQzNe0Wm5ExPBar-KZrV22--HfZ-lpX0S_THlaUMMtG2myCSlEswuaPc7O8ffOXEZFUk2YtiSU6vk3paCnCwZr-4FkdrP1SF7WNlpS3twS0iETUV1kv9JndD4edxGRMItsyX8jI4MiVuU63tgpM1arXu&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4621 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOHKcilpbWwMAs2-k1YWtCCejYaXm93SLDB2Jqf4_FkgasotPHzt5pmX7Yp_ZVS1GhYaEWxWfuGi1eMtMGxBnG8CgWYQ&cry=1&dbm_d=AKAmf-DbuwgM2rSkwCBtd1jiQc9lhD0CECPv-gQSl-QGa6eG2dpo1wJg1Y5VmG7BarduffiS0D78Zl9kC-Hnwec8IjOjhbDOTfK-Ka10YBFkbCSuDc7qKBpgiUS369o7O85Fo70Np1A6fgCHPudS5TEuZE3zX4l00VVGG4b42KU4caORvnQVknoyHmhBqAOMlbBoYYqsP5pd9OTxebi9zPchBn97lNYsVNTjRUALUVe0DJACF_wO5NlTUPO_cP9TXsWJz5LK6OOfEBqb9UMI7hzlApZHBSZ7hNqKpNT6c_EhT1MKJ8ebj-a_XpsYo_FuXBi-PHcRJK3zYCfquVTnV9tJ-5vtMsLaUUjZqbSyp_NZeMvRSVg3NXaEZzZnZdPZFPPy2VmB2JQPkcNYjKsv0xurmG1vp18sp2YTjFuWXzn_9blfg8YfKPU-rstatcZ-dytRRiJVpDgxUNmISWShyk3bHyUol1ui-L9Jtih29WIXZtG93ht6RQ1dEaM4-3upd5R9h4appncyL3XEXxZH1CqxjvfnMzHdHRiggsqK3gNcOVTroPJfioDUe7J-ITzX_onsGpi49q3keEmR0VIsAcA_D_EK7uyrK0GZMCDkrnwAjF5t1LwcklwbE-Yaaei4Jx8f00F8oroZVYYWgAXv7p_ntgJVuHp0ZZNYSsScywnLfxRZtKY_aUKEXaHSZd_QsaW26P-A-Tqnl2uMP4jnZYu9Ud78q-PWf91mDJbulOjIR92tcSv8gUUcwvGn6-ierO5e7NU3b84qSOTfdy_HyKAuCb7IY-bTraVMsTNjgGG7fHxCpgjIr8Sxz9gzX3Y9Frsq7vLIri6IcExR22V6lpmDyDLu9xdITLtmVdgKLUICB98PyYMF1411XwtZXE_e0UnOWj8nCgvlA3nxGm4-40RpzkP3rz96M37gYmxiKv-AFfKeTDLh0h0dbkApuBL0_ZfumuunP-vW9Y0E2r11MDRzujybtx7xIGBrDcU0h34Y9dmrYewiV5cWOEoQY67CwijkTiJDhI-N0Z0HozDhiq5XiUKyZFnypnSfCbfkC6Kk1jCPTUGS-bZMvBxTInZj1cBT2GJ8sqa1_Wg3CNKiNDYsrNtpKzG6yXAY3mdq4UbaI3CMO2nVP71fWG1a0hgqPhOWwcL7-mM2e2MlQa1Cr__3wxZMuRKxF5cdLt2WwkBd2KWgqPbf6HQT43ooqQBlY5pktZHyWeZsHAOEBNfTH_ffqPO7XRBOCfZtPz6ZAlploTJXisuvUQaGi8efdMUTzVnWacUA25W-mVLX1Pj64Pp-CluwjENfxOZTcP_4RlrW061cxldkkDvH2lA4Q1NEYubyOl6GNS7I4AunDp5DT8XLMFJqKmosJk0Qvmuk1A5UFAeoPO44-njU7AjZblFlkNbVc4-cWrRqjmstQIeSrxXUCVCdRwC8Fget7x4DHpueQXenIiuuf-71mlMuKaFrLq0n6tfxFxV7Oo17sWAQ_umMWFq2Qlikn_EfPIklT638IeK5LSWmtt6iGR5FnnI96HQjyQU_r6bSPFSRxK_6_TWnoXjYip6EAzir_Q6TbSXaCMqImgK-41e9EEbLoxFm3CQ4TuyB4oBYnhG27eGrFQklNe-V9FkEfT4SI7el3bfuYeXrSlE_1g0orby4ENewwmUbW8gy7HVV2gLHVGqVvo45uMwNBDbNrzlnGWucV2_ktRA04d9-Xq7-uhOhSlQO4GC7Lh9bHd9n37IwhcInE-Fda2sKjw0_xrEZztbDJtkH-2gezvcAlyOOvCznHrVG7lZ5ZU0E1yTRHv3KtsosPAYWkq4mXkiML7lMdT_Vg91zMoDvEmftY5DXA1KTE_gp46jE0kWzOTQZ1rkisg71lrNhjaHdHAC4TfI3427Kx6cyrWL9LI2KmHI1QvZL9Bd1JMgxhM3fA0Z4w_vi9Jdt_VULoSRcER3lLbF2NfbG9sYiteN1e77bOoI5iYMCLD2S8pQhlpL91g4CxzNI2r05p-9hjtF_F228pqq725pwgHroFYNkwnIuTl3yOfaQ1sDu4QBF7nEbxPE5Lz3V2kiPwG_Q193TKuhw63fml10n4L5FAzK720Gm0dJy9HCUxEIocuXGcBgvXhEYKoH_1CfTpPLv09AkhdxZFpulO0sWSM7lqBzWs9zqsEluamOW76ASQ4mAcbILUgFRR5AspV4pky9ktGXV5Qjc5iPMCQrXaOOx7aK9uhdngMYr0rHw8idy3JpPv_2YDRDksAwx8OiUYUyAVqEmn3i9jIvGWW0s_qOD3b_jiZRMkRn-KIiuMfUQyKXBbQvARPxWRjVryJsms6aoqH1C27FF4QJ1ukMgvmdFdrHnelK1i9NRBVKRzu4k7c5r7WP0v88TEaXCjCdXJzdKGJqY67iItLhjJ8yf42JNp30Aj3H4pjzMsYge2z_DtkUhUfn9e4L1pk4BytChLxQnD3zuqU-4De6ookIJFrPEDNruexm9rtK0pPfOCItPysQJTpqSRb8sQs1aIeS5YpQlZaOSke2HU9WrapMuGQTfIeBoWHvcZLNG_zT18BC3sI5TAzBj4uGMa-cxvZKx4xyRuB4quF5thCR888iU9pWEpQg_fdGetKfVyUbrnfg_ZmhdPeNhyCSSWvETOp33LTKThPZ8NstGbhKs14Pkeyv5KBdSdxVFgifxxj-uA351f9rcCx6bOOH2LDx-YXZSlQ2IwM8KxKtxkYIEAWq34NU7FI51nku5CtcgpvPrbzHicn7sXdJvsz08thMBFkfLKyYmMnl4JQtZnyx_v5DbjKqZqwIAKkW0Ynnpe4OTr7YH4hUbsWUdMxDnIYqKUQpL9lnbfIGk22Y7SfDZ13kW-nG7DbDDn1-QFW39EO78EUASxWI2OsF1zfCCx4WaBCAY3Tl-dWAUdyunEZBBbPYKlKqXk_lg3vLDKa5IKPc21xFwLn4-lN23hTsaMA3NsTcVz9M6qCrmSYoGmOpxM4CnfemDARhYxIsoFfsdhll65hD2usensIh-GtdbITJOEfB-Gr7a0IajW6aOAmEYEEwQgZxdU2GjMyWzJZwQgnM55JL-qeo7qbXk7Nhcx7XAgGd8gBnIXy--3k7lNkGdvf4ThwDk1dHD4FdQlQzNe0Wm5ExPBar-KZrV22--HfZ-lpX0S_THlaUMMtG2myCSlEswuaPc7O8ffOXEZFUk2YtiSU6vk3paCnCwZr-4FkdrP1SF7WNlpS3twS0iETUV1kv9JndD4edxGRMItsyX8jI4MiVuU63tgpM1arXu&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 16:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 16:41:18 GMT
2791165659054627833
s0.2mdn.net/simgad/ Frame 4621 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2791165659054627833
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e0b6cd8f19796f49ad00b8fcf4f5cfa427778fd111a0ddd365cc19123c0f1b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 00:15:54 GMT
x-content-type-options
nosniff
age
249698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58612
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 14:03:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Sep 2023 00:15:54 GMT
tap.php
pixel.rubiconproject.com/ Frame D63A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECvnsTZOaHEN62cZZmFtCBg&google_cver=1
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECvnsTZOaHEN62cZZmFtCBg&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECvnsTZOaHEN62cZZmFtCBg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D63A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6EA2vAM7SQi9UTE-occvDg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6EA2vAM7SQi9UTE-occvDg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6EA2vAM7SQi9UTE-occvDg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
951X7GRFGJA8EDW78SFB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6EA2vAM7SQi9UTE-occvDg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame D63A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7ZAD86L-U-LLYM&sigv=1&esig=2~5787336264ab8ea3840f52b69da8c7f0c884432d
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7ZAD86L-U-LLYM&sigv=1&esig=2~5787336264ab8ea3840f52b69da8c7f0c884432d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7ZAD86L-U-LLYM&sigv=1&esig=2~5787336264ab8ea3840f52b69da8c7f0c884432d
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D63A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhM2JlMTBlZmZkMDRmY2FlOWU2Mzg2NGJjOWM4Y2I4NWQxMjZjNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhM2JlMTBlZmZkMDRmY2FlOWU2Mzg2NGJjOWM4Y2I4NWQxMjZjNA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmRhM2JlMTBlZmZkMDRmY2FlOWU2Mzg2NGJjOWM4Y2I4NWQxMjZjNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D63A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/81Mu4C4fIWyh3KtZ-cL_kg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8056190942419320372
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8056190942419320372
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
Content-Type
image/gif

Redirect headers

date
Mon, 12 Sep 2022 21:37:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8056190942419320372
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame D63A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZAD86L-U-LLYM
0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZAD86L-U-LLYM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7F0DB50FF87345858386DDCADC1DEEC2 Ref B: YTO01EDGE0810 Ref C: 2022-09-12T21:37:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXogbQQmFVUcKBximD8KQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7ZAD86L-U-LLYM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D63A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a2c2f461-deb4-4461-8898-1773ade8bb97&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame D63A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaQUQ4NkwtVS1MTFlN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaQUQ4NkwtVS1MTFlN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaQUQ4NkwtVS1MTFlN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.krem.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
484169
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HqWQn3wzeWZiM0g3UGlTWUxQcVBaWlhzcGFrSWF0cXNIdXlYWldsTVE0NUpqV25WamVGRVZ0NFYzUzRtTWxhbnErdjFSdFJYTjV5cm54bDlLN1FvbVRseGxpMlA5N3ZmcnVvMTF5UmMvdVBONnlDNDJKTXRxSnF5Qytuak...
419 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HqWQn3wzeWZiM0g3UGlTWUxQcVBaWlhzcGFrSWF0cXNIdXlYWldsTVE0NUpqV25WamVGRVZ0NFYzUzRtTWxhbnErdjFSdFJYTjV5cm54bDlLN1FvbVRseGxpMlA5N3ZmcnVvMTF5UmMvdVBONnlDNDJKTXRxSnF5QytuakM0NGZ6WmJ4WFdVOU1PVGtMTlVQOXhsRzN2RzVuUTZVdjQyZlB1Wklid0lTWTdsV2NiWElBTm5JRW8vNmVWVGxzQWpZbWdSaVZSZ2tQMjBaSTJxMzgzbzQzc1FLeWlTSTlwN2JmZXZCWEhyeXhiaXpORTdRNUIvT0pLYit0bzh4VkpEMmFLc1B0djZrY3NhUWJWejVKWitlamR4WERHdz09fA&cppv=2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e07bf5ffc10eb81845388c2f1a12b3569c6b29c227faa0e9de17139d9a9e1823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3534374
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=HqWQn3wzeWZiM0g3UGlTWUxQcVBaWlhzcGFrSWF0cXNIdXlYWldsTVE0NUpqV25WamVGRVZ0NFYzUzRtTWxhbnErdjFSdFJYTjV5cm54bDlLN1FvbVRseGxpMlA5N3ZmcnVvMTF5UmMvdVBONnlDNDJKTXRxSnF5QytuakM0NGZ6WmJ4WFdVOU1PVGtMTlVQOXhsRzN2RzVuUTZVdjQyZlB1Wklid0lTWTdsV2NiWElBTm5JRW8vNmVWVGxzQWpZbWdSaVZSZ2tQMjBaSTJxMzgzbzQzc1FLeWlTSTlwN2JmZXZCWEhyeXhiaXpORTdRNUIvT0pLYit0bzh4VkpEMmFLc1B0djZrY3NhUWJWejVKWitlamR4WERHdz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
341261
content-length
0
expires
0
688.json
id5-sync.com/g/v2/ 		451 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/688.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d386ba19322d2adcd34d245d8259b116813d2bcf461df4474e053b8fb9c6c732
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
rid
match.adsrvr.org/track/ 		108 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
5289d36a03c73e7ae843f3fef2a2d1a13252e794def4ccf2d29a605620a7bfde

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 12 Oct 2022 21:37:32 GMT
envelope
api.rlcdn.com/api/identity/ 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 88CA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNY&khaos=L7ZAD86L-U-LLYM
  • https://s.amazon-adsystem.com/ecm3?id=L7ZAD86L-U-LLYM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L7ZAD86L-U-LLYM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:32 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
WS186KWH6PMVESNRRP3C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L7ZAD86L-U-LLYM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
usync.js
eus.rubiconproject.com/ Frame 78AA 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b6173d6f54fba912266ad51fd3664d5729e638c7fbbfb4ffca36b2e06905855b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 20:46:19 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21935
content-type
text/html; charset=UTF-8
content-length
9379
expires
Tue, 13 Sep 2022 03:43:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6D1E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4621 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstls-IEwFKRKMRvHLYjeX3h3qQa4sn7xviuABsKkDqEC1gft6vfZH4USEAyaYzbCIdj83naGw4URE4rJGb9oaRzjeCnBos3tKnbwGIqOqZA5vYEjR0q3lk89yRs_Shg0FMNlcY-Hdk9o-zGNiMmbTL1Ay8k8BtX8QcK10_5KEf_p2tgRZtY21W9PCpBmWBBMoGWYAT6mnrEDtYcCi97aHhOuPJLXSmLsGHp06MLBpgIJ9X6SVnDdV1KoBdT0uZDqdnABGAR0HswNfZmZfuk-eyw1iZiasu8JZQBKN4znD5MGOUm1aUw5XskJZVwMIM9R44L2ShPRl8AwFDArYxKV9xNijZR4LR7RID9V1JjoDgLnK4m42fKPPPbKXIjUhDR5mC8BanAMHxSGJLq6JaggkzV3q4Dqfuqw0we4Pq6js7SbFAlhgVzrNLaa3ArEpnskSnlZgZ95aE95y2stiRg8QXN9-pvNSvC3HGGhqQVY_GWzHKv7N3Te8mrZysYB1f50ZVCm9YVSwpurk_KJy0IIeYImQMypF0bR_X5_PWjkQoEM1AiSlvP1Ng0H4htH7-Fsa0fnKC6R9MskSlp5ZnRY2atGTXvE-ZLER16tACnS7N9m6rK_ieRPpeYkffRw7COoeYcj3v1-7zbeWS_CrkRBjiyd6fWdpjpsE_USaiJzI-KsaPSESyE_IpHJaQSUTNCKdkHy5Ak0mD7L8ZVe3v6Ufc09-JHFod0PuREnTeX_nhrZYtEd5poW10Zma3RVX2EqI17O-HakMtvYObXDXt09leCW3rE7wg2k-miLR9oQJ8Dkh96YXaFgawIMZV9mhbkeWiluC2QM79Zl8FYuoWff0c67kj8ElWpuVeD1zsqpHxY7KK487KdEmFnJcH4kt_H2kdVLzamfk-Ucnz2dA6M_-98BJSyY3VHvg8YwpRXmvb2kS1ehxlAIe8muIIAX7KJyICtnWboPmHLQdlXNwjMeTRGRhbdv--n4aVMBgaOyIqfIWJ_9d3Bk0U-jC8R09NbEBxaY8OBO2uqho-f9h0c_ZXRmL0RBS7kMzTMEg0gNCJrqjev0Ap1laARWZnbEG2zIOv-DcmkUpP4A7SYTdRAjzOHCL16uz9eS8mQCj-lRWkCxao_oCIjL1pn0Hep3I_rtB5CH_7nY20wxbhtTQ8p36aJPfThBzZ5VrDXdPIPn4VbefhEiOZoI5d8KYdFcrBqcWaMBQdSvD7p3OVohd6XVJYF6rHatT4LTUS-kE7yJUKbWLYZLVbHJq4T-O-FSPCJOs-u&sai=AMfl-YR8DWjyX2oZxGlvxqJq3DPSC-jN-aB7t5Hrx73t-7CVYN6YNJROzZ7OeZdRp4n7rc7ZSFvnd0T-NCjJOyTe2dbi4xDz688RmtbrUDk01cmkq3NdQza7zKApLFbFaJHb2Mej5FT6ZbouzCwH3_x8YJteY40PDkIqlndbwhK1XoOwRJXUpJvPc5TXAzCRNkW6fOc9oT73M3ApsZjTKP5VpoUllu4Z6Q0FkfqFuXxUSAs_dCFRhA&sig=Cg0ArKJSzH0xAieyvImqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&vt=11&dtpt=199&dett=2&cstd=0&cisv=r20220907.18445&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOHKcilpbWwMAs2-k1YWtCCejYaXm93SLDB2Jqf4_FkgasotPHzt5pmX7Yp_ZVS1GhYaEWxWfuGi1eMtMGxBnG8CgWYQ&cry=1&dbm_d=AKAmf-DbuwgM2rSkwCBtd1jiQc9lhD0CECPv-gQSl-QGa6eG2dpo1wJg1Y5VmG7BarduffiS0D78Zl9kC-Hnwec8IjOjhbDOTfK-Ka10YBFkbCSuDc7qKBpgiUS369o7O85Fo70Np1A6fgCHPudS5TEuZE3zX4l00VVGG4b42KU4caORvnQVknoyHmhBqAOMlbBoYYqsP5pd9OTxebi9zPchBn97lNYsVNTjRUALUVe0DJACF_wO5NlTUPO_cP9TXsWJz5LK6OOfEBqb9UMI7hzlApZHBSZ7hNqKpNT6c_EhT1MKJ8ebj-a_XpsYo_FuXBi-PHcRJK3zYCfquVTnV9tJ-5vtMsLaUUjZqbSyp_NZeMvRSVg3NXaEZzZnZdPZFPPy2VmB2JQPkcNYjKsv0xurmG1vp18sp2YTjFuWXzn_9blfg8YfKPU-rstatcZ-dytRRiJVpDgxUNmISWShyk3bHyUol1ui-L9Jtih29WIXZtG93ht6RQ1dEaM4-3upd5R9h4appncyL3XEXxZH1CqxjvfnMzHdHRiggsqK3gNcOVTroPJfioDUe7J-ITzX_onsGpi49q3keEmR0VIsAcA_D_EK7uyrK0GZMCDkrnwAjF5t1LwcklwbE-Yaaei4Jx8f00F8oroZVYYWgAXv7p_ntgJVuHp0ZZNYSsScywnLfxRZtKY_aUKEXaHSZd_QsaW26P-A-Tqnl2uMP4jnZYu9Ud78q-PWf91mDJbulOjIR92tcSv8gUUcwvGn6-ierO5e7NU3b84qSOTfdy_HyKAuCb7IY-bTraVMsTNjgGG7fHxCpgjIr8Sxz9gzX3Y9Frsq7vLIri6IcExR22V6lpmDyDLu9xdITLtmVdgKLUICB98PyYMF1411XwtZXE_e0UnOWj8nCgvlA3nxGm4-40RpzkP3rz96M37gYmxiKv-AFfKeTDLh0h0dbkApuBL0_ZfumuunP-vW9Y0E2r11MDRzujybtx7xIGBrDcU0h34Y9dmrYewiV5cWOEoQY67CwijkTiJDhI-N0Z0HozDhiq5XiUKyZFnypnSfCbfkC6Kk1jCPTUGS-bZMvBxTInZj1cBT2GJ8sqa1_Wg3CNKiNDYsrNtpKzG6yXAY3mdq4UbaI3CMO2nVP71fWG1a0hgqPhOWwcL7-mM2e2MlQa1Cr__3wxZMuRKxF5cdLt2WwkBd2KWgqPbf6HQT43ooqQBlY5pktZHyWeZsHAOEBNfTH_ffqPO7XRBOCfZtPz6ZAlploTJXisuvUQaGi8efdMUTzVnWacUA25W-mVLX1Pj64Pp-CluwjENfxOZTcP_4RlrW061cxldkkDvH2lA4Q1NEYubyOl6GNS7I4AunDp5DT8XLMFJqKmosJk0Qvmuk1A5UFAeoPO44-njU7AjZblFlkNbVc4-cWrRqjmstQIeSrxXUCVCdRwC8Fget7x4DHpueQXenIiuuf-71mlMuKaFrLq0n6tfxFxV7Oo17sWAQ_umMWFq2Qlikn_EfPIklT638IeK5LSWmtt6iGR5FnnI96HQjyQU_r6bSPFSRxK_6_TWnoXjYip6EAzir_Q6TbSXaCMqImgK-41e9EEbLoxFm3CQ4TuyB4oBYnhG27eGrFQklNe-V9FkEfT4SI7el3bfuYeXrSlE_1g0orby4ENewwmUbW8gy7HVV2gLHVGqVvo45uMwNBDbNrzlnGWucV2_ktRA04d9-Xq7-uhOhSlQO4GC7Lh9bHd9n37IwhcInE-Fda2sKjw0_xrEZztbDJtkH-2gezvcAlyOOvCznHrVG7lZ5ZU0E1yTRHv3KtsosPAYWkq4mXkiML7lMdT_Vg91zMoDvEmftY5DXA1KTE_gp46jE0kWzOTQZ1rkisg71lrNhjaHdHAC4TfI3427Kx6cyrWL9LI2KmHI1QvZL9Bd1JMgxhM3fA0Z4w_vi9Jdt_VULoSRcER3lLbF2NfbG9sYiteN1e77bOoI5iYMCLD2S8pQhlpL91g4CxzNI2r05p-9hjtF_F228pqq725pwgHroFYNkwnIuTl3yOfaQ1sDu4QBF7nEbxPE5Lz3V2kiPwG_Q193TKuhw63fml10n4L5FAzK720Gm0dJy9HCUxEIocuXGcBgvXhEYKoH_1CfTpPLv09AkhdxZFpulO0sWSM7lqBzWs9zqsEluamOW76ASQ4mAcbILUgFRR5AspV4pky9ktGXV5Qjc5iPMCQrXaOOx7aK9uhdngMYr0rHw8idy3JpPv_2YDRDksAwx8OiUYUyAVqEmn3i9jIvGWW0s_qOD3b_jiZRMkRn-KIiuMfUQyKXBbQvARPxWRjVryJsms6aoqH1C27FF4QJ1ukMgvmdFdrHnelK1i9NRBVKRzu4k7c5r7WP0v88TEaXCjCdXJzdKGJqY67iItLhjJ8yf42JNp30Aj3H4pjzMsYge2z_DtkUhUfn9e4L1pk4BytChLxQnD3zuqU-4De6ookIJFrPEDNruexm9rtK0pPfOCItPysQJTpqSRb8sQs1aIeS5YpQlZaOSke2HU9WrapMuGQTfIeBoWHvcZLNG_zT18BC3sI5TAzBj4uGMa-cxvZKx4xyRuB4quF5thCR888iU9pWEpQg_fdGetKfVyUbrnfg_ZmhdPeNhyCSSWvETOp33LTKThPZ8NstGbhKs14Pkeyv5KBdSdxVFgifxxj-uA351f9rcCx6bOOH2LDx-YXZSlQ2IwM8KxKtxkYIEAWq34NU7FI51nku5CtcgpvPrbzHicn7sXdJvsz08thMBFkfLKyYmMnl4JQtZnyx_v5DbjKqZqwIAKkW0Ynnpe4OTr7YH4hUbsWUdMxDnIYqKUQpL9lnbfIGk22Y7SfDZ13kW-nG7DbDDn1-QFW39EO78EUASxWI2OsF1zfCCx4WaBCAY3Tl-dWAUdyunEZBBbPYKlKqXk_lg3vLDKa5IKPc21xFwLn4-lN23hTsaMA3NsTcVz9M6qCrmSYoGmOpxM4CnfemDARhYxIsoFfsdhll65hD2usensIh-GtdbITJOEfB-Gr7a0IajW6aOAmEYEEwQgZxdU2GjMyWzJZwQgnM55JL-qeo7qbXk7Nhcx7XAgGd8gBnIXy--3k7lNkGdvf4ThwDk1dHD4FdQlQzNe0Wm5ExPBar-KZrV22--HfZ-lpX0S_THlaUMMtG2myCSlEswuaPc7O8ffOXEZFUk2YtiSU6vk3paCnCwZr-4FkdrP1SF7WNlpS3twS0iETUV1kv9JndD4edxGRMItsyX8jI4MiVuU63tgpM1arXu&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B778 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
104173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 16:41:19 GMT
expires
Mon, 11 Sep 2023 16:41:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
consumable.min.js
services.brid.tv/custom/ Frame E7CB 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.brid.tv/custom/consumable.min.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-121.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e160fa87d6a461066b724fb344a26dddce1f71b15eac09bd7215c5e13e9386bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:18:01 GMT
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 10:16:03 GMT
server
AmazonS3
age
37438
etag
"73e17e89dd91e3d42005f1cd54f03a2f"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
2362
x-amz-cf-id
b0En-k3hLMa3Ybdfm4eZBoVC64krGRaNcaVK5MLqY_EiEE90qA-Kpw==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 19AD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 16:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 16:41:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 31B1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4621 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7460031a69f2fcc14fab0019bc3ebf86afa6f89e2f8baa863c28c1b7df81b54d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
event
scotiabank.demdex.net/ Frame 19AD 		42 B
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=176723428&d_campaign=27093947&d_placement=327003526&d_site=3375178&d_aid=6105106&d_bust=1364750635
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v036-0d303b77e.edge-usw2.demdex.com 14 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nxym2qRrSZ4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
index.html
s0.2mdn.net/sadbundle/4285675942984024064/ Frame 3B70 		58 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5a9ac18b56bb805ff834a455a2adcffd3246377ac7720e76aa7a740ebb7223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
361151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
9449
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 17:18:22 GMT
expires
Fri, 08 Sep 2023 17:18:22 GMT
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 19AD 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBX_MU3zPJtICTco1mNXZckpxA1xt7pAQgQHXPHPvjmMvGn1klkAcftYJlop1UFQNOcIdOrofBUhASBliQB6tbJrbC1cA10avqWR_Ke_vbJJhFxuW27e5s4IuMNDhbypvz60aR6Crx5GOFxD5YmBOqkwJfsQc-z739srQc0NuxKz3JvkTTBiz4AHMUzpxrM4S2F80mMMKeRayyKwGZdbuvq5uTfwBahx6cQJnr_CEMh9LDWRgzixHLt1RERwt3-c6xvBhItwYDD8WvpvbYaCcX2WYUzenBi4I_-yRvUD-R1JG5N3jpKPPIXYs4gkBJQICPv4K21WQ2npcDijJXE_rxoBHqoja2ceL2GishEC_L7P6CVszIJ4hhrOwuVkUptHH9QzlkIGx-oPSlepVdHlnGlW3jEoZ8L6jiLiceIt-ZS_E2UYA6wxEu665RcAN9ILeC8U5pAz4Tjlqm0fBgWXKzPqIXq-ROsF7WF-FkHoiQNoCi7YYv_68yxHJI9Tz5zfwpTZHs6FsKATvKc4mlF7rDpOOT9oMJPAz7z3eqn35dU7bC3-be0ZlZp3-gr-633YHZNoF-9MRBCK2wqJw6Zt4BzH0kg9-gIQnufAVy0vvycUy8iGk974cTtVAL9IdN4DLycPARB39uK9EM_GOZiQeZ2hBCPrhw7w-GjEFgLzbT0PQFQ_lJ0KAKkDW3PzlG3JfiuljsK2gXj32Lu93CZgdXctuTViDhRmdv-Q2a-KohSlT2UEtAiSu82iH63yd50fIq2zmnGWU9rl6qTf5qr1VbQp5woOCHwx5HLLAVDSTQWROwHdXc_gf2qxDtQAZnDr0QydRf-8VWkbmG_HYk6o6YxweloFwxsN9jhrtd2H8ccyrUclK_-OUifr8AV4MSpwDVXWIntq_S8u4FIAdhKZLmLsxuzyEPTKM5aPMdXOKAljey8TDt60YuUOKx1e6dTRsHV9_AhW4zY5-JSACd0jHZAZh_dKSp4E1zVXAN-CrPOU4nVln2A74gP1cUd0ZNsE9v8nLtMpU7JN6srpeSGON_fXFh3cl7HJuGExPait0cOk2f97V83lOTEgPtPEkij4919Yg1m0lrxHSXdr9JMibCadpjJz2xOuBoi1eR5NUVQ1DBRuxlXN_4MOqDsh3fPzkBebii0qCnZequwdJuq2bQwIufw8G-m2Mzqyn7NO48x3nDoKKFiYhnEKUxibuUBcekHAy3iuSgYdEU0SP99A4_jUCkQ6SEhYw2lG3VTwXLAqvmMKFIDOzjKILa7No5UEoo9g&sai=AMfl-YShzPxAJHfwOm-hXWRHJBCj8QrrI_vTexdqccEtMRMoDHnoTH2UHBTEMXzDUoJdIN9b5dxou9Q6QVOhZP19Y-9FeNIykvOD1CiOGDWdFu2pg_A378vmYEhy5k5O8Vyy6cQRiRxE97bmzk9MUbcAfjAq3JvuqMPrX4sBM8VQ1BtX2EB-gS-0qAT0TWm1jN6yq2xuTpivZL-XMo8N3WyuBCbDYe6ONLomJfMxKuXF1TEtozE&sig=Cg0ArKJSzHO7DPmdM-dEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=325&cbvp=1&cstd=321&cisv=r20220907.87994&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 12 Sep 2022 21:37:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 706C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsun0VBPBpPPB461QMhygUMAU4L-9UajbHoivp7PRGWUDy2S88nONEg2rMbFK9mrGc1aqsweBNIE3hgaIaQxSzYpAJhggrtonF5si9HucPmhXf517dqR&sig=Cg0ArKJSzNZ-mLzLK5jAEAE&id=lidar2&mcvt=1132&p=322,1341,360,1453&mtos=1132,1132,1132,1132,1132&tos=1132,0,0,0,0&v=20220912&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2393057965&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663018651473&rpt=384&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HqWQn3wzeWZiM0g3UGlTWUxQcVBaWlhzcGFrSWF0cXNIdXlYWldsTVE0NUpqV25WamVGRVZ0NFYzUzRtTWxhbnErdjFSdFJYTjV5cm54bDlLN1FvbVRseGxpMlA5N3ZmcnVvMTF5UmMvdVBONnlDNDJKTXRxSnF5QytuakM0NGZ6WmJ4WFdVOU1PVGtMTlVQOXhsRzN2RzVuUTZVdjQyZlB1Wklid0lTWTdsV2NiWElBTm5JRW8vNmVWVGxzQWpZbWdSaVZSZ2tQMjBaSTJxMzgzbzQzc1FLeWlTSTlwN2JmZXZCWEhyeXhiaXpORTdRNUIvT0pLYit0bzh4VkpEMmFLc1B0djZrY3NhUWJWejVKWitlamR4WERHdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 21:37:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
390249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
eab52800-0899-4db7-a43e-b7b85574751a
https://www.krem.com/ Frame E7CB 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.krem.com/eab52800-0899-4db7-a43e-b7b85574751a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
5f5be55d-db30-488c-8696-53e4fca1537e
https://www.krem.com/ Frame E7CB 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.krem.com/5f5be55d-db30-488c-8696-53e4fca1537e
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame A389
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L7ZAD86L-U-LLYM
0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L7ZAD86L-U-LLYM
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1663018653.138357,VS0,VE21
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12831-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L7ZAD86L-U-LLYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A389
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGI9Uifj-bt_OPwUmpTqYqU&google_cver=1
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGI9Uifj-bt_OPwUmpTqYqU&google_cver=1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1663018653.146021,VS0,VE20
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12831-YUL

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGI9Uifj-bt_OPwUmpTqYqU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A389 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a:$UID
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame A389
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
date
Mon, 12 Sep 2022 21:37:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17849
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A389
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a2c2f461-deb4-4461-8898-1773ade8bb97
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a2c2f461-deb4-4461-8898-1773ade8bb97
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1663018653.140685,VS0,VE20
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12831-YUL

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=a2c2f461-deb4-4461-8898-1773ade8bb97
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame A389 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&us_privacy=1YNY&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame A389 		49 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-dd6bdcf45-4zcrl
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame A389 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame A389 		43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.207.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-207-157.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
content-length
43
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A389
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ad4edbbb-b0e1-4769-ae71-4d6147a953a5
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ad4edbbb-b0e1-4769-ae71-4d6147a953a5
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21260

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ad4edbbb-b0e1-4769-ae71-4d6147a953a5
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2293258
content-length
0
expires
Mon, 12 Sep 2022 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame A389
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F6%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/6/2.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/5/3.gif?puid=5c63b8fc-35f1-4969-a16b-e4efe07de565&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F4%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/4/4.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/3/5.gif?puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F2%2F6.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F2%2F6.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yx_mngAAJ4ujOAAE
  • https://id5-sync.com/c/464/136/2/6.gif?puid=Yx_mngAAJ4ujOAAE&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEL79XHD7ziZJi-2KSXW8J2k&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6740448256026770921&opid=apx&ops=&utidl=tech:goo:CAESEL79XHD7ziZJi-2KSXW8J2k&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A29200825567&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=20d5631f-a69c-4400-9e92-25efa6b072ff&gdpr=0&consent=&id5id=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
49 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=20d5631f-a69c-4400-9e92-25efa6b072ff&gdpr=0&consent=&id5id=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=20d5631f-a69c-4400-9e92-25efa6b072ff&gdpr=0&consent=&id5id=ID5-ZHMOO8h8ETp-hGRrPK8bEprY35JfCnSR2Hg43YOO1w
date
Mon, 12 Sep 2022 21:37:34 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame A389
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3D840b9800-7fd1-40bd-a695-2bd7ac05ae9...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=3374631f-a69c-4f00-8548-033a1286fef8&expires=30&ssp=taboola&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=840b9800-7fd1-40bd-a695-2bd7ac05ae93
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=840b9800-7fd1-40bd-a695-2bd7ac05ae93
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20882

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=840b9800-7fd1-40bd-a695-2bd7ac05ae93
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame A389
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=82fc2787-d2df-4446-b5a8-955c797c6821
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=82fc2787-d2df-4446-b5a8-955c797c6821&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D82fc2787-d2df-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=82fc2787-d2df-4446-b5a8-955c797c6821&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D82fc2787-d2df-4446-b5a8-955c797c6821&isDirect=0
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1663018653.207621,VS0,VE21
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12831-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=82fc2787-d2df-4446-b5a8-955c797c6821&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D82fc2787-d2df-4446-b5a8-955c797c6821&isDirect=0
date
Mon, 12 Sep 2022 21:37:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17820
sd
u.openx.net/w/1.0/ Frame A389 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame A389 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&dongle=tbla
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame A389 		49 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame A389 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame A389
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=IEik9TknQUVu429l2S6RgZU4mbU
0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=IEik9TknQUVu429l2S6RgZU4mbU
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17820

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=IEik9TknQUVu429l2S6RgZU4mbU
Date
Mon, 12 Sep 2022 21:37:33 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame A389
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame A389 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame A389
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ed66c99d-5909-48b8-9614-bd57aecce156
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ed66c99d-5909-48b8-9614-bd57aecce156
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21260

Redirect headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ed66c99d-5909-48b8-9614-bd57aecce156
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
3135
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
i4AVnNh5qrgxpixNMdbhvJy2l47/K00rIWtzUzI9fL/hMDT1DFg5muLpwOk9ggJOXd4vPYdqPg0=
x-served-by
cache-yul12831-YUL
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1663018653.084608,VS0,VE0
date
Mon, 12 Sep 2022 21:37:33 GMT
vary
Accept-Encoding
x-amz-request-id
EBVGAFX6T0W1132X
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
8
x-cache-hits
13930
wl
t.pubmatic.com/ 		17 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
iframe.js
yummy.consumable.com/9770/cnsmbl-video-970x250/widget/ Frame E7CB 		482 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/iframe.js?cb=1663018653130
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/unit.js?cb=1663018650805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04a43417bd39e1b9f7f7dbfb5feaa9b80da71fcfcab584709bce2369a36b7fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:42 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 14:28:31 GMT
server
AmazonS3
age
52
etag
W/"f28b908b90330bb428fc07fc7fda5ea7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
akTdByB7MSvHncYFbNgsaSPFEXjXQdUQZkTUovR3N2HMJzhVmNgLBQ==
usersync
usersync.gumgum.com/ Frame 78AA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1YNY&khaos=L7ZAD86L-U-LLYM
  • https://usersync.gumgum.com/usersync?b=mag&i=L7ZAD86L-U-LLYM&us_privacy=1YNY
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L7ZAD86L-U-LLYM&us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L7ZAD86L-U-LLYM&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C5F0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
104174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 16:41:19 GMT
expires
Mon, 11 Sep 2023 16:41:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKT0aVXQHSSNy6JlnJXRwFk&google_cver=1&google_push=AehlK4AgnsiXV2kIAlOL4_9xfRAAUg1-lfWe8QUU63DZs1onW1bB5YC7R9HcvytdHrLEe-rp0Q5VdKqTa73QUk-FXf...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTJjMmY0NjEtZGViNC00NDYxLTg4OTgtMTc3M2FkZThiYjk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a2c2f461-deb4-4461-8898-1773ade8bb97
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTJjMmY0NjEtZGViNC00NDYxLTg4OTgtMTc3M2FkZThiYjk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a2c2f461-deb4-4461-8898-1773ade8bb97
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTJjMmY0NjEtZGViNC00NDYxLTg4OTgtMTc3M2FkZThiYjk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a2c2f461-deb4-4461-8898-1773ade8bb97
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEF2i_bDc9XfN683NsEy2k-Y&google_cver=1&google_push=AehlK4AaZUw4PsIvT8aEdAmKC376s1cT8OeWBNHI5ihismgr_xLYMTlI83mD2yGHg1-U7QTs1KF65gyxdPFIDbWZqiWnu4k7s626
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0YyRENDRUQyMEFBRUVFMA==
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0YyRENDRUQyMEFBRUVFMA==
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0YyRENDRUQyMEFBRUVFMA==
date
Mon, 12 Sep 2022 21:37:33 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEMHPfoamwSqbsvU00Cyj4Mw&google_cver=1&google_push=AehlK4AIG0HCx8DOMw6yY9QgotwC8Gk1_gd2_PjpoCvvFfqGCYn4Z3VUJdmMgP5eT9_fO60_kHi3_Vr4t03U...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4AIG0HCx8DOMw6yY9QgotwC8Gk1_gd2_PjpoCvvFfqGCYn4Z3VUJdmMgP5eT9_fO60_kHi3_Vr4t03UZ99bAAsrJzDfeRBS
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4AIG0HCx8DOMw6yY9QgotwC8Gk1_gd2_PjpoCvvFfqGCYn4Z3VUJdmMgP5eT9_fO60_kHi3_Vr4t03UZ99bAAsrJzDfeRBS
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:33 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AehlK4AIG0HCx8DOMw6yY9QgotwC8Gk1_gd2_PjpoCvvFfqGCYn4Z3VUJdmMgP5eT9_fO60_kHi3_Vr4t03UZ99bAAsrJzDfeRBS
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
194
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIlcFQAtUlE6i1wxrPd6Py4&google_cver=1&google_push=AehlK4BrFzO1n6u_QIUw7NowwiUKCYRyf1mLUHysYR6JNr63jXwPWUs59eGJgnc2K7NVWl_SthjQlPYrs-fcGlbYd1xLcw-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BrFzO1n6u_QIUw7NowwiUKCYRyf1mLUHysYR6JNr63jXwPWUs59eGJgnc2K7NVWl_SthjQlPYrs-fcGlbYd1xLcw-RFQ2k&google_hm=ODA1NjE5MDk0MjQxOTMyMD...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BrFzO1n6u_QIUw7NowwiUKCYRyf1mLUHysYR6JNr63jXwPWUs59eGJgnc2K7NVWl_SthjQlPYrs-fcGlbYd1xLcw-RFQ2k&google_hm=ODA1NjE5MDk0MjQxOTMyMDM3Mg%3D%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BrFzO1n6u_QIUw7NowwiUKCYRyf1mLUHysYR6JNr63jXwPWUs59eGJgnc2K7NVWl_SthjQlPYrs-fcGlbYd1xLcw-RFQ2k&google_hm=ODA1NjE5MDk0MjQxOTMyMDM3Mg%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfkxWgIi2PiShDYK4HZUoc&google_cver=1&google_push=AehlK4D9Wg2zMqLSKDM-C83tsxW7L9zPW2qjdAmrTuJQVpJKJSgSvbePgglHf0LAxZehXjDAnkf1PqQIZfr6emALok0-rZ3uexSu
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D9Wg2zMqLSKDM-C83tsxW7L9zPW2qjdAmrTuJQVpJKJSgSvbePgglHf0LAxZehXjDAnkf1PqQIZfr6emALok0-rZ3uexSu&google_hm=tQqgghqOwMECzvBm3Kh_WA==
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D9Wg2zMqLSKDM-C83tsxW7L9zPW2qjdAmrTuJQVpJKJSgSvbePgglHf0LAxZehXjDAnkf1PqQIZfr6emALok0-rZ3uexSu&google_hm=tQqgghqOwMECzvBm3Kh_WA==
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D9Wg2zMqLSKDM-C83tsxW7L9zPW2qjdAmrTuJQVpJKJSgSvbePgglHf0LAxZehXjDAnkf1PqQIZfr6emALok0-rZ3uexSu&google_hm=tQqgghqOwMECzvBm3Kh_WA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
f39l83iopk43hkem287nnpa4q9nfe0l1
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CjmPC2VtEZxQuy0NtIp...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CjmPC2VtEZxQuy0NtIplo8mAi_egk8INgD6qFa6o5XAE2kiDGJ2pcuNapg5OgQNsUw15FZjh1UIUhEogDrJPHIYnYcCbw&google_hm=BapOTiWDi0p7uWiSgDjCbpk
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CjmPC2VtEZxQuy0NtIplo8mAi_egk8INgD6qFa6o5XAE2kiDGJ2pcuNapg5OgQNsUw15FZjh1UIUhEogDrJPHIYnYcCbw&google_hm=BapOTiWDi0p7uWiSgDjCbpk
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CjmPC2VtEZxQuy0NtIplo8mAi_egk8INgD6qFa6o5XAE2kiDGJ2pcuNapg5OgQNsUw15FZjh1UIUhEogDrJPHIYnYcCbw&google_hm=BapOTiWDi0p7uWiSgDjCbpk
Date
Mon, 12 Sep 2022 21:37:33 GMT
Connection
keep-alive
Content-Type
text/html
ETag
RXaa4e4e25838b4a7bb968928038c26e99005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pixel
cm.g.doubleclick.net/ Frame 6D1E
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFlkDWz-wJeRkaQ7LutTfFs&google_cver=1&google_push=AehlK4BM9-tAjA_-qcPyRKnQGH9t7pHYWr4uGL5xt7Khkmd-JUFZkoBgbJ_CJpQm4sEarUUjBH9VLM6jxBNQ_XsqB0Rpu...
  • https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM0NTE2NjMwMTg2NTE5MzE3MTJiZA==
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM0NTE2NjMwMTg2NTE5MzE3MTJiZA==
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=emx_eb&google_hm=NTM0NTE2NjMwMTg2NTE5MzE3MTJiZA==
date
Mon, 12 Sep 2022 21:37:32 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 6D1E 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6eWDftFajOiNoioWqmckr78bHa-hEu25niV3vxuIUJBoIV8OtZlsHietvzXQbbbtzZDcnUw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 31B1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG-LC1Yld5IxghjPu7ak0Es&google_cver=1&google_push=AehlK4DUzDVDJaTwGRIISg7znkcR_9xd_Ie4G1bg6MTGELxuWXJHxeS-yylnIFQ9Ca2SE4jDQ2skN7-a1lUB0EIMuj_ETx6_ANjziw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQzNTUwNDM3NjI4MzY0NDg2OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGA0eUtJkfAsXtudHSRu5c&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGA0eUtJkfAsXtudHSRu5c&google_cver=1
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENGA0eUtJkfAsXtudHSRu5c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31B1
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFgx1OxJmOCWcCsGndmIPN8&google_cver=1&google_push=AehlK4Dy5Bmh2d7QkMHiCd_lw0-BOD4_6g3zaYG3u7D4vrK56P9bdbm_te...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4Dy5Bmh2d7QkMHiCd_lw0-BOD4_6g3zaYG3u7D4vrK56P9bdbm_tezd80sZamhwW65gevHWrEk9B0QxU6NuuKkIKGm-q-JrNQ&google_hm=MprA...
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4Dy5Bmh2d7QkMHiCd_lw0-BOD4_6g3zaYG3u7D4vrK56P9bdbm_tezd80sZamhwW65gevHWrEk9B0QxU6NuuKkIKGm-q-JrNQ&google_hm=MprAxbEOiWtcl9q5uxr-rg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AehlK4Dy5Bmh2d7QkMHiCd_lw0-BOD4_6g3zaYG3u7D4vrK56P9bdbm_tezd80sZamhwW65gevHWrEk9B0QxU6NuuKkIKGm-q-JrNQ&google_hm=MprAxbEOiWtcl9q5uxr-rg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 31B1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHHJ_Z0H2B1idwhpkGzzjfw&google_cver=1&google_push=AehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXN...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHJ_Z0H2B1idwhpkGzzjfw&google_cver=1&google_push=AehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MX...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHJ_Z0H2B1idwhpkGzzjfw&google_cver=1&google_push=AehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
749bc8f74bd8ca5f-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
415
cf-ray
749bc8f69aaeca5f-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHHJ_Z0H2B1idwhpkGzzjfw&google_cver=1&google_push=AehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CifP9JyihaUm5ih9tcSOWR7jRQiu4_39OCpXdHuZDAZl6fls35zpOwHiUYOgoUBvo8yaJ-F21S2lOXgKMwznOhMq-S4MXXNg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 31B1 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHXctZH9LGfVkHhkbPkgyP0&google_cver=1&google_push=AehlK4AeXIdfXkjBCXKjKtx_N2avQEBhycKMLTHvz2PjA93kW8wC4NvprAutPwgpcV5qeuQ8eTf28MFeaubRYD0b8L-8GUtaZqy7HQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 31B1
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJPW8ObAkThUMP7fTdIUZvw&google_cver=1&google_push=AehlK4CTUgFPHxX28fgW4gwPCqHw3yvdj-SCwu8lKYDKgCscogSICWt5zyQnoJbUyOz9w37oxZp...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJPW8ObAkThUMP7fTdIUZvw&google_cver=1&google_push=AehlK4CTUgFPHxX28fgW4gwPCqHw3yvdj-SCwu8lKYDKgCscogSICWt5zyQnoJbUyOz9w37oxZp...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=SqVhOs0ERXeNvJ6xctJHwQ
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=SqVhOs0ERXeNvJ6xctJHwQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=SqVhOs0ERXeNvJ6xctJHwQ
pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 31B1
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOfkxWgIi2PiShDYK4HZUoc&google_cver=1&google_push=AehlK4A7yAkgk4z0-uQi69dn0GwBfm232sz_16xSUXGH6oGZwACjZLjDV9AlZ3kff6eSbX00EP_glGYSg2Jdc19RNdawmSn67UHyPg
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A7yAkgk4z0-uQi69dn0GwBfm232sz_16xSUXGH6oGZwACjZLjDV9AlZ3kff6eSbX00EP_glGYSg2Jdc19RNdawmSn67UHyPg&google_hm=tQqgghqOwMECzvBm3Kh_WA==
170 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A7yAkgk4z0-uQi69dn0GwBfm232sz_16xSUXGH6oGZwACjZLjDV9AlZ3kff6eSbX00EP_glGYSg2Jdc19RNdawmSn67UHyPg&google_hm=tQqgghqOwMECzvBm3Kh_WA==
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:32 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A7yAkgk4z0-uQi69dn0GwBfm232sz_16xSUXGH6oGZwACjZLjDV9AlZ3kff6eSbX00EP_glGYSg2Jdc19RNdawmSn67UHyPg&google_hm=tQqgghqOwMECzvBm3Kh_WA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
bl3ra32c7m7l470pohapc3m2ucsh92vv
pub
cs.chocolateplatform.com/ Frame 31B1 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEMELlcIVLIPxiXr_ctbECQY&google_cver=1&google_push=AehlK4ByrJKNvHM2-cwnCr4Vbhvo25MBVzLf0wlJ-0vmU5GQUz7Hn77_cjVBgxRyrLxuAQ6gTe9ufWP6TC-z43NPhMLXjQSgI-YOCQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
server
CookieSync Server
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 31B1 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9Rak3yS41a5NBruxd4Cy-tcRXxe-4oIshXyy5g8eh5pX4VwpSFN73Zzo8QAozArBpzS8Q
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
pips.taboola.com/ 		64 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12823-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame B778 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
940a4f97.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/940a4f97.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7881f09b0845aac26f2da31dae53190524c18400036eccd15402064ed7eb777b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1418
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
5b47befb.svg
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/5b47befb.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017f77dad35bc8628746a941c5b85ee4fb206c73f7abd23e1503fadcfdc734af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1106
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
f1c37baa.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/f1c37baa.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9996503dc034049902e13428f941abc818f75a6257878a261acc3b2206dc61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49977
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
1d3369ba.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/1d3369ba.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74a0bb4b168036229890aaaa5925e9fb3a9da1ad289bd8fa8b147d1eed228f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28915
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
04b90d3f.svg
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/04b90d3f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861cae0f0baa045f169177b9b6dc775cf1ddf7d64bd6fa7b71714d2e5090cc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1174
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
7187f0fa.svg
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		492 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/7187f0fa.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b74e688e7c657a53478003583dd789e4a5ce35161c3f62b80745fe730b77bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:45 GMT
fa5fb8b3.svg
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/fa5fb8b3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b40c12b01d7dd928361aad83fb76e10878527f3b048cd0a4a4aff3ec8b85d9fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
635
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
a94c3b60.svg
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		1 KB
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/a94c3b60.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f16f0898b02a9df6ac2f9888ed88b4f63976e512e9fac22c8d468cf6877b605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
561
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
b5fefff1.svg
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/b5fefff1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503ecba2019c7935aecb5a6322e359ec4e781280c3e700c6d2b81820fdbc1bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1664
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
84eadbfb.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/84eadbfb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e125201640b58bbaeec23304abfe434618b3cc793521d3014adec720fa4f77b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:24:53 GMT
x-content-type-options
nosniff
age
760
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3440
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 21:24:53 GMT
38cb7981.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/38cb7981.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bdf563015064972e00c66737b939de852da8a782f797973da29e0e148342d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5993
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
84a04b85.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/84a04b85.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450864390e43d79760eb4436197835e87c2beddecc6ed4446af02d39283a3178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2036
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
713af890.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/713af890.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
590bbe15594205acc9f80509cdf4a58ca508b086f79dfa71529b526bbd87feac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3533
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
a4743902.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/a4743902.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b6d9b8c42ee2d9471a18e460c0fb54cd263af4cc6ff6620bbb8ec885b2e83d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3577
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
6fdb7a64.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/6fdb7a64.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af7b0b960a32440fab80ce7e62d8b0f378720ab58738c4646fbfa506b60919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6091
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
7973ee0a.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/7973ee0a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c80147784eb16cbf6cc8d19e002b849d3e344021d30364379d0ee8adadcd5361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1655
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
953ec0c5.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/953ec0c5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52949af69cc5933df493c061375e9b277ef2e9b74b277d8872243fbd6a0607a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2781
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
c722d547.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		190 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/c722d547.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b1c78ea77abb193e20a2aaa70cb3bd563b60e94b3e033405b99a6a05b95dfad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
583edd71.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		284 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/583edd71.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb06c34278556e86f79245d043d5ef65b5b32c24dc85af70004809ff6d881ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
15914554.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/15914554.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1a9b39cceec1fd8631a8d7e5811de9c337c4996b04450cda520ecaaf9c9b81d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:25:26 GMT
x-content-type-options
nosniff
age
727
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3034
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 21:25:26 GMT
77744d5e.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/77744d5e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0463909b035639aadc65ccb6d9a6c6c206c188b62eff98b06e8fd9b049daa7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4977
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
2e79a5e7.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		207 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/2e79a5e7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9a2cd7d5b940f50e36e3f90ccabc76bd4d8d816514fec93ae2f80775d721e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
b7ac11c2.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		334 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/b7ac11c2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57673c38b966e684ccf1e5c51e42fbd2d6a319730a6a0bdaee3ed822770c8c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
3a035886.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/3a035886.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b23885ebf4b4d565ce2a64fcda67527316aadabd375531616b5bad8a2edd88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:44 GMT
x-content-type-options
nosniff
age
361129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4151
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:44 GMT
ae13c9ec.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/ae13c9ec.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc456d63390ecccfc6c356f2b013f63c60877e98401199b663634b5f2423ba4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8129
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
b990f174.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/b990f174.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12697aa1952cfecf1b14ec7218624f5105f343a1a2197c1cb61731cf7ef94eae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2796
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
0da3fffd.png
s0.2mdn.net/sadbundle/4285675942984024064/images/ Frame 3B70 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4285675942984024064/images/0da3fffd.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a8def63c7933cb7bf6d6102d67a2c45beff27d44153b996af4fcea64083d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4285675942984024064/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 17:18:22 GMT
x-content-type-options
nosniff
age
361151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5373
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 17:18:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 01E2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvAs9Phkl17jNcb5jv6tlAN8dJjQqEYS6x5TGonPLekhQy8SDd7kVawn2MrdQPdvHlZPpaQ9AugzJqovIfeUnqOvDVwp_E9pt4DoNc9z5pvXRmTRE0&sig=Cg0ArKJSzJ-1uuf9d0oZEAE&id=lidar2&mcvt=1017&p=30,230,280,1370&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220912&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=416635853&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663018651615&rpt=545&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156319/4551/ Frame E7CB 		199 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156319/4551/pwt.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9770/cnsmbl-video-970x250/widget/iframe.js?cb=1663018653130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5bc637d23f58146dbbcbfc139302e613a40025a72da4d05ebe127e3e6f93be7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 14:57:34 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132210
accept-ranges
bytes
content-type
application/javascript
content-length
62023
expires
Wed, 14 Sep 2022 10:21:03 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&uad=d072346c8db79fd6f2ceecdb0d73cb8a94262461c336c967531048a4d7ce0f27
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store
server
nginx
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame C5F0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 19AD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBX_MU3zPJtICTco1mNXZckpxA1xt7pAQgQHXPHPvjmMvGn1klkAcftYJlop1UFQNOcIdOrofBUhASBliQB6tbJrbC1cA10avqWR_Ke_vbJJhFxuW27e5s4IuMNDhbypvz60aR6Crx5GOFxD5YmBOqkwJfsQc-z739srQc0NuxKz3JvkTTBiz4AHMUzpxrM4S2F80mMMKeRayyKwGZdbuvq5uTfwBahx6cQJnr_CEMh9LDWRgzixHLt1RERwt3-c6xvBhItwYDD8WvpvbYaCcX2WYUzenBi4I_-yRvUD-R1JG5N3jpKPPIXYs4gkBJQICPv4K21WQ2npcDijJXE_rxoBHqoja2ceL2GishEC_L7P6CVszIJ4hhrOwuVkUptHH9QzlkIGx-oPSlepVdHlnGlW3jEoZ8L6jiLiceIt-ZS_E2UYA6wxEu665RcAN9ILeC8U5pAz4Tjlqm0fBgWXKzPqIXq-ROsF7WF-FkHoiQNoCi7YYv_68yxHJI9Tz5zfwpTZHs6FsKATvKc4mlF7rDpOOT9oMJPAz7z3eqn35dU7bC3-be0ZlZp3-gr-633YHZNoF-9MRBCK2wqJw6Zt4BzH0kg9-gIQnufAVy0vvycUy8iGk974cTtVAL9IdN4DLycPARB39uK9EM_GOZiQeZ2hBCPrhw7w-GjEFgLzbT0PQFQ_lJ0KAKkDW3PzlG3JfiuljsK2gXj32Lu93CZgdXctuTViDhRmdv-Q2a-KohSlT2UEtAiSu82iH63yd50fIq2zmnGWU9rl6qTf5qr1VbQp5woOCHwx5HLLAVDSTQWROwHdXc_gf2qxDtQAZnDr0QydRf-8VWkbmG_HYk6o6YxweloFwxsN9jhrtd2H8ccyrUclK_-OUifr8AV4MSpwDVXWIntq_S8u4FIAdhKZLmLsxuzyEPTKM5aPMdXOKAljey8TDt60YuUOKx1e6dTRsHV9_AhW4zY5-JSACd0jHZAZh_dKSp4E1zVXAN-CrPOU4nVln2A74gP1cUd0ZNsE9v8nLtMpU7JN6srpeSGON_fXFh3cl7HJuGExPait0cOk2f97V83lOTEgPtPEkij4919Yg1m0lrxHSXdr9JMibCadpjJz2xOuBoi1eR5NUVQ1DBRuxlXN_4MOqDsh3fPzkBebii0qCnZequwdJuq2bQwIufw8G-m2Mzqyn7NO48x3nDoKKFiYhnEKUxibuUBcekHAy3iuSgYdEU0SP99A4_jUCkQ6SEhYw2lG3VTwXLAqvmMKFIDOzjKILa7No5UEoo9g&sai=AMfl-YShzPxAJHfwOm-hXWRHJBCj8QrrI_vTexdqccEtMRMoDHnoTH2UHBTEMXzDUoJdIN9b5dxou9Q6QVOhZP19Y-9FeNIykvOD1CiOGDWdFu2pg_A378vmYEhy5k5O8Vyy6cQRiRxE97bmzk9MUbcAfjAq3JvuqMPrX4sBM8VQ1BtX2EB-gS-0qAT0TWm1jN6yq2xuTpivZL-XMo8N3WyuBCbDYe6ONLomJfMxKuXF1TEtozE&sig=Cg0ArKJSzHO7DPmdM-dEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=649&vt=11&dtpt=324&dett=3&cstd=321&cisv=r20220907.87994&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pubads_impl_2022090701.js
securepubads.g.doubleclick.net/gpt/ Frame E7CB 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 08:36:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:05:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame E7CB 		251 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c20bc28949a1dc2afc610d5b1b6168ca7dc9286c7467b20a73379452f6010e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
expires
Mon, 12 Sep 2022 21:37:33 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame E7CB 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3487
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24190
x-xss-protection
0
server
cafe
etag
6142364239576130187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 21:39:26 GMT
integrator.js
adservice.google.ca/adsid/ Frame E7CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E7CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E7CB 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4276998265919443&correlator=3069791477614452&eid=31068929%2C31069465%2C31065517%2C31061691%2C31061693%2C31068920&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=133810016%3A32805352%2CCompanion_units%2Ctegna-9769-cnsmbl-container-300x250-ads-dr-d-companion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1384447165&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018653567&lmt=1663018653&dlt=1663018652332&idt=1186&adxs=985&adys=1470&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=xuvf7evc1gng&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.krem.com%2F&ref=https%3A%2F%2Fwww.krem.com%2F&top=https%3A%2F%2Fwww.krem.com%2F&rumc=4276998265919443&rume=1&frm=23&vis=1&psz=300x250&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=1086046727.1663018650&ga_sid=1663018654&ga_hid=1917262593&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3f1b1d07c61e6d33c3dd1a02d96b554f5d6868609e4950528c0c07b23b344b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10118
x-xss-protection
0
google-lineitem-id
5433259158
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138318488818
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:33 GMT
expires
Tue, 12 Sep 2023 21:37:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B778 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrNW3nKYfY9ixHYalogbF472oCAAAAAA4AeAEAg&bg=!VValVhLNAAZTikH4c4o7ACkAdvg8WnnGL6IgrW4mM_5APWkfzQhFuZ1x9rxoDKF3DK_ELZlteK6vfAIAAAFMUgAAAANoAQeZAzppfQ1AkidrA3iTiEv0HCPmVABKfI3fruJZFJ63Q-po4Pq7Y0E4NmfamAFp3goUA94nXGYnKrNeGar1kAHQbK5TUoLJH_Pbk4n6y1MbeNmiMCGv5P5P-BIvKddj17pmqH40t8Q8zRcIXtDXok4o1_ybE7_LbjF7XW0b57RTwepWaBAmxpmMHmbr4ps6QUYRoaOzolfPYDRrVt3wSowzCnFopBCDgUqPvXYQoi2Z8twMb6XBQVVg-GYKgZuCWgBRvOdHl92ptSoGn1wFB7_eZ4dQd4JCU5ZY4l5bMkCNc81gyM9_qI2D4a8PoqCaMFIfex8GYL34X_gkKWgwvwZ4JRdytH2xPiPRWMOQoWGvh_Lodk5FSyMRoayCWbOEUfj8n_fAilmi--CsIzvvUW_TYtlBxLPYNrtZdjE3kEFzOV7Oj7vYJSc-GM_6uZJFstjfIU1f2dZAERSVOh8QCEGZFdmve2vl-_5uIIoOenIJEfs0hN8lmnXYTTTPS6RuA_OXYFZGKA3ZCNJizpYaY2rLBz08wxH2V_iUYY7xL45tPv3VMGvtP6WvDbM1CPFKXyu_5Cd-boX1zpmGe-CqaQJVoreNU2tvX6iakXpLZA_a0RqSfHchFNFVdxPSozLkaFQUf0boRzY8GkDw2z14wqOK7nz7OAsYYoe8gPCcz1vZ5lX0sQzWutQjtQp_t99KAd2MuzENNyHo6WorygD8rh_SkrqaA-1A5212seaXyCMBE4q-83zem7alQvGDiJegWUPgc6psSD2zcZCF0_PSRji4facSde-7PWniLa3MvynbH8_8wpydpBf4I8EDaXlae5_I7eHLh_uvWswn_B4OClrpjRlqGfOPMSJ-t5Vne3pU4mEcRo-KUwyCQpg7SOwTeJ4oR_TeKw77Jv7dvllp5Mw8rQehX3j0Q_slzsLvOD3xqZS-Q5nq-tJ7h5nwAjb1uPHeuLza3EBSpyiz54CQmMRRb2V4hbCgxvCsrQiz2qg1sn9jKcM3bnWbBJB_rK0heWXt695rKrjluxAql-HEziH1okFEITpg7Sipbnurn7Q6FCtdwd9naKsumt8krr5kC2S1b2DuWQx2prNp8klz
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E7CB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d42580565c8f70c089e8b4b54295446c370ebbae10d6da44b74a19ce5c3f11d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11200
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7CB 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.krem.com&doc=complete&pg_h=250&pg_w=970&pg_hs=250&c=1&aa_c=0&av_h=250&av_w=300&av_a=75000&b=0&all_b=0&d=1&all_d=1&ard=0.309&all_ard=0.309&dt=d
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5F0 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzTOOnKYfY_HfFsz-zwXQ4ZyABgAAAAA4AeAEAg&bg=!mZqlmt7NAAZTikH4c4o7ACkAdvg8Ws_4hTymDn_oQBo-b2GsmGCTOPB3pqT4icpdFgghb7GE3C3wLwIAAAEsUgAAAAJoAQeZAzHyXy81HVaJb9GBfZJlnj2v3cb8c85GQzKGanu9DhwqwxHWTygnIsipUh28B9wq1AVC4kE2IzKmdfCJG0vFJXPdp4R4k1OkuNOuG_pBzkngMUT5SIWxUX3-s_nAM70tXyVbgRQVFstvHIIhawHxVUUY0gRkAlSGURAVYfSChmKJBIgBPGHZtk0Nvx0Ar1J77zC8CrMBYMwj-k7oE65kLeMMBHiiZq9c7WDdTvdktcGFZq4xhKTYnW8Mbz9729EB1hYsmPCawh1ap7mqhIlvJK-6J2VVzy70Jp5S94XWa2Vt2cxGk6bR5tj3mpB_kuvigpkJ4wIffaQMk23KqpUlxVNhLLdgpz4SS1BcNOPsxSC3SoXXtKNwEyUXZmagq5-jPKt1Xk_oyj47YuXPpPcZvsHx697eXUVMenm5nuqM6VoWUu3ZSm4YgO3zp4jG2F2BidKsXsGIpK1DcnTf9QqiyziiDyw-GxKA7nGb8EfnFb-OGpOUOrlD4TbXitoa3a0qy4rCEGDdRBskfg6pGl6Obum_d3dHs5Fd5ML511caQvH5VzCE15DgvLVGnR74RILMzMbyRV_XKm72vw0kS5REnByHrwVp2RvC5130akQ99uFZSHDCz5Grte-8NMTUK2pJPbHhhDnT6GT3vcYxZJcqqg6ACoCSkxYOhFIoZLWGtOZGoHpb9HGExynOWh5oNOQIkgaHEt5jUkOrRqei7IDBkZmpFAMVbP44lll85qD62V2aeo4LoKaakIfTU-vzk3tF4bmMxvWdVfTqO_SiaAt87M8Ksd0pL_v2fmorqfPbf-Oz1YejAcMpN_0XFPGWsgmIMWGEftMmcIpWQj6vUOQBNUgBd7SzQLAbVh2qpR8Qj2jRF79-JQexyE-gWP-8qoBTSU34udFclp1QZOSrLyKBkMXlewFb5EG603RZtH9551quZjoc0X5PwV0ZYNkh3YmRWRv-LSBWtsEvilX8JJxfajzOZ0jM0fvXL0BisGsILTgzAOgKX50VEwuDw3j6hLd70HzD8B7T7Nz2yEWqnQi8Xk4zeF7Ps7M_ROdKlDmNfF7kqqBbsB7inowJmcV5qTtW4GRY
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3622 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOqLxaKd4U5Bu6hPRU8W4mdyt3RrLSiSRhiQHDmDCWFMXJrtS0IilJyiFlYCvkOod17LqqmXQhZb7JWs02sBFmp1-v4IVyYHNXKfVxHsZnFhtZkNjtH-iVvAGyQ2Yn7AkpubenLobFbz-9qixv4-DIGEVS48EMrgg8dCoVyZwyxS4uNPzotG6OsQFxkyw0FqYzpwSrOrWvhph_B3_0mYCSTdpAZFAGOqr4rGFz2lOlazuUinHiwnbm36FA8_MQADX8xVs9hT9r51j-tCwwctlkOs-C2uPeMI3AxixFC6mdpIt6paRptJIASggbn3rGiLZF9XZocLO1g2DOzH_bxNVtmzHeANOa-YEDfz_EjECodoiaH6-Rikb4MPtlFL0EcWIYxZBdzRs&sai=AMfl-YTihzWhQwvKdGBdUqke4AMsrpcadKY9vCNsL0f04s7VIOvRRosJrWE3ZO6w77h7m7kt1iHh0Pl_ZFqtlHhveAu4dvAlWHNBgNzDAsNLVXQzOkfE8TgNv4CX4Oc0Ngw&sig=Cg0ArKJSzHIh0yTdWeAjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
unit.js
yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/ Frame 3622 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/unit.js?cb=1663018653689
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c0ac1710b6e620353a4a4243b9d0752f30b1218fe847d4c3a34c2bf35d80a36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 18:19:49 GMT
server
AmazonS3
age
53
etag
W/"fdc0e5972a16114acf4afcca077f6563"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
eRdlbE2UZMbEgXKJoN6jGbNcg2G2skXW-1cxa1M3yvjheiNZl3z-DA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3622 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E7CB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:33 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 4FC8 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/unit.js?cb=1663018653689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc1cab4f4c008ab655e0450ee31b87e6c7d0ed166910ccbdb81716b2a972d7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28706
x-xss-protection
0
server
sffe
etag
"1332 / 470 of 1000 / last-modified: 1662980886"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Sep 2022 21:37:33 GMT
wrap.js
clarium.global.ssl.fastly.net/gpt/a/ Frame 4FC8 		118 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f252462d4099cc41daf3824c6661737a68eaa8e1515cbbcc885ba6c4a70c877e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-sha1
350b4d4cc4b0b4e7f88872369d4287b481988dc2
Date
Mon, 12 Sep 2022 21:37:33 GMT
Content-Encoding
gzip
Age
476
X-Cache
HIT
X-Cache-Hits
26
Connection
keep-alive
Content-Length
37918
x-amz-id-2
7KAjZxnGG7BYnfpQvelOS6LjHpPJc9Cmieg8K37CFgWjkjPlu5i1kfg6HiskhYA0EU2UZZq8KY8=
X-Served-By
cache-yul12823-YUL
Pragma
no-cache
Last-Modified
Tue, 06 Sep 2022 17:14:24 GMT
Server
AmazonS3
X-Timer
S1663018654.767983,VS0,VE0
ETag
"3bd7cbef282847618c0df211bae22fc6"
Vary
Accept-Encoding
x-amz-request-id
XFX9V200KK0C65NX
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
application/json
Expires
Sat, 26 Jul 1997 04:59:59 GMT
iframe.js
yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/ Frame 4FC8 		317 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/iframe.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/unit.js?cb=1663018653689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a424ae4b920750d36ab54506a8a12071255b0526936d6dbe5a59cec1cb4c2ca3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 12:53:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"36797d0bbf3bd0ba4a4532a50d46b006"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-id
zeuNliSf2WNqJ0dMJ0IaXzJAtrG4VAUl6Gl3uku1D_GB1QitEPUB3g==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 39A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
176309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:39:04 GMT
expires
Sun, 10 Sep 2023 20:39:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8359 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
928020bc3c73ccd5ce29c497048d8d2d75373cbc9c545d922f661f552d8be660
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qn5OpkstDt6RBwkC2UhwEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-qn5OpkstDt6RBwkC2UhwEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:33 GMT
expires
Mon, 12 Sep 2022 21:37:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 3622 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsst9KeUu6SbI2KSfxcRJ80605bn2mUTPwvnAsWgGMsN4Ci8F76mCiIFBsKQ_cZK6bVvFh7YRgcGg94JUilqYc57n2py9iXPuyL44l1xG0q7kiMwq-iGSZp6M_tfloqSOuMEjLZmjdNCHOqzZUrazt8GO8P0cMch0XbjdhawtKRheydcYW2mTKbmJT8J805plFNuthWpA5dtV_KVTNB_zSJ-WQjPcxjrZ6q8tsNWIJzd4-0LWRP2vFrHT8JYDodbeWH1DlvaDuK8tbMplandwjf103HVkUR-ldHWONZyPCSt-4pC0h2sTqvl6_qFgv4fbk_5wAme85lZuYSxV9EL-BZX_UuOnwS_rBIsCr1eOaDzOzdxoQfTiZb9-0QOlNfpiKAtfJO-e-1ztQ&sai=AMfl-YQXMA8VPLpSbn6U3ZKCBjoS0bbT6AkqXxVTWRvofG3pBmqXPXJ-UCRbFlS6aQlI2sOlR23SQ5cSMegR6uYaL2sc9sfA9ft5FodRHJsN8HwaHx-BOjEmgLIQgWeenO4&sig=Cg0ArKJSzBSPh9eNpOtjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Sep 2022 21:37:33 GMT
truncated
/ Frame 3622 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48cc9f8565ce9d0bd052c69334f988a131be4ad0bf65d5ecb5341ae2f9124b9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ Frame 4FC8 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Sep 2023 16:28:58 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156319/4551/ Frame 4FC8 		199 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156319/4551/pwt.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5bc637d23f58146dbbcbfc139302e613a40025a72da4d05ebe127e3e6f93be7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 14:57:34 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132210
accept-ranges
bytes
content-type
application/javascript
content-length
62023
expires
Wed, 14 Sep 2022 10:21:03 GMT
action.json
yummy.consumable.com/9769/cnsmbl-container-300x250-ads/js/ Frame 4FC8 		2 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/js/action.json?ac=IMPRESSION&fp=&ts=1663018653838&tba=0&et=0&furl=&dd=0&vi=true&vd=0&sid=9d09a475-c22e-4b38-efa7-b70c7453ad6e&cb=1663018653838&hr=https%3A%2F%2Fwww.krem.com%2F&hn=www.krem.com&pl=
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
via
1.1 4b6e1bc9480bffb0b8980e408fffa59e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 12:53:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"d751713988987e9331980363e24189ce"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-max-age
60
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
2
x-amz-cf-id
9ThD-OHibWzZ8clwMz6vCMiZ4pcN-SU15ejl12fwBrFzk-ZyUG4sIw==
v2
e.serverbid.com/api/ Frame 4FC8 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
052eb0ac1c0a953672478588a30a10b4c9e34e68c9397a211e57e458deedf439

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
2678
sodar
pagead2.googlesyndication.com/pagead/ Frame 8359 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090701&jk=4276998265919443&rc=05AOj27MdQUdoJ0lPOyRT-ORbfNmBn6r53Yz7PuW6zQS55pP5mEu8SAFVe1wXrLgeum2F77fSA2qUnQk9ZjxlvauKsdzdvpN7sWV9vV-R_xGSP3DFueo-yb6AF_TAfa3yKHR4evoNI4xDt9Nq-T8gDoYXXreX2B1II0DAgQyyF5RthFQ
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 39A1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 3622 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 20:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3487
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24190
x-xss-protection
0
server
cafe
etag
6142364239576130187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Sep 2022 21:39:26 GMT
csi
csi.gstatic.com/ Frame 3622 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l7zad9tu&chm=1&c=4276998265919443&ctx=2&qqid=COXr6aCbkPoCFQPOhwodmMIHGg&met.4=fb.e~lb.2o~ol.62~idt.tz~dt.-2z&met.3=739.2o~735.39_1~740.39~738.61_1~113.7s_1~112.7s_1&met.1=1.l7zad9m2~14.c~15.1~16.c~17.c~18.c~19.c~20.c~21.c~22.2z~23.2z&met.7=CCIQBBgBIA8oDzA7OCxoEHA7eKwCsAEBuAED~CBsQCiAPOBU~CCoQChgBIA8oDzBDODQ~CCIQBBgBIF4oXjCIATgqaF9whwF4rAKwAQG4AQM~CCgQChgBINsBKNsBMPEBOBZo3AFw8AF4qr8BgAH-vAGIAfD3A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4621 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_IXbm4I8uXZsubZ4WscSRcEt3JeoCjFe9NjMVKdd7NqUKMSnHmkiyhAr8pgByv5Z9yM3T7dWqyiB8TAoFGAHR_MnAT-btviaMGEwuP_e0zUxsgkWevJvaLUQy8BJ7G0EbEY4&sai=AMfl-YTNo9FdHnTmnl13R-1Nx2OtLVXpMJwsXzRiMG_a4uQLCGygMSX8HRTUStEixgOoYqwxOMaDnZabMhwBabew06czmN16Aol3Y8NKkTDJI_EnGXyw8DbYIe8mQpBt&sig=Cg0ArKJSzKhSB97X8QAxEAE&cid=CAASJeRoz5k_ae_RwcB-WNd6EhkpL1zKbZ_ZHc5eCqH4zyHNb8e1WqE&id=lidar2&mcvt=1007&p=472,1040,722,1340&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1124529942&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663018652085&rpt=803&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 39A1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?830L2A
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.ca/adsid/ Frame 4FC8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4FC8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4FC8 		487 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=467673310874485&correlator=3801327904609995&eid=31068498%2C31069443%2C31067826%2C31068920&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=133810016%3A32805352%2CTEGNA%2Ctegna-9769-cnsmbl-container-300x250-ads-dr-d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1216929539&sfv=1-0-38&fsapi=false&prev_scp=hb_format_consumable%3Dbanner%26hb_size_consumable%3D300x250%26hb_pb_consumable%3D0.11%26hb_adid_consumable%3D34c192702a8b76%26hb_bidder_consumable%3Dconsumable%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D34c192702a8b76%26hb_bidder%3Dconsumable%26rfsh%3D1%26invw%3Dtrue%26rfshtime%3D17&eri=1&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018654165&lmt=1663018654&dlt=1663018653715&idt=158&adxs=985&adys=1470&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=j5myd2redy0w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Fwww.krem.com%2F&ref=https%3A%2F%2Fwww.krem.com%2F&top=https%3A%2F%2Fwww.krem.com%2F&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=1086046727.1663018650&ga_sid=1663018654&ga_hid=1498615447&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
539f38cf693c655f193195e6ef2e9ce741b4fe6db080d36ccd35e9863fdb3d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4FC8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11d3349b2591191c58109aeaeecd79f850f2e458761a430ab6bc0fff45ff9b1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11152
x-xss-protection
0
container.html
247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 003A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:34 GMT
expires
Tue, 12 Sep 2023 21:37:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame AAD7 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4FC8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E786 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
176310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 20:39:04 GMT
expires
Sun, 10 Sep 2023 20:39:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CD77 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d47cf99756dc667b48425736c08335ec9de9b241b6544119aea4d76698f35b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NiHTH9xxsBymzp6T0r-gAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-NiHTH9xxsBymzp6T0r-gAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:34 GMT
expires
Mon, 12 Sep 2022 21:37:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame E786 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CD77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=467673310874485&rc=05AOj27MdQUdoJ0lPOyRT-ORbfNmBn6r53Yz7PuW6zQS55pP5mEu8SAFVe1wXrLgeum2F77fSA2qUnQk9ZjxlvauKsdzdvpN7sWV9vV-R_xGSP3DFueo-yb6AF_TAfa3yKHR4evoNI4xDt9Nq-T8gDoYXXreX2B1II0DAgQyyF5RthFQ
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E786 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?T4aMFA
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E7CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090701&jk=4276998265919443&bg=!UlGlURXNAAZTikH4c4o7ACkAdvg8WtnPVv2CArH3o9WW0feZ6Le-0bSrpXi0-iOc0s7M_PDiyOE_GQIAAABrUgAAAANoAQeZAxg2hcngc6hhCSCRXAXcRXwC1-KFLkhCvMEaDq6sOyNjCJC9WDoKyYvbZIVCmwWURzK0gz5sJRxjeXk0rd3rechj9FRqcqrXAqiWi3gTskTYdIfKNcAZzl27STgTM_299zIEgcG-04WPfyPmSybWpiuBwcyuIy4yRz7fxIcu-vO4sVK65DLRJztRlaVyOLP4tRuJDApq6OTa_krBLkvDjNEh8PhLA6DTk4nG4-9vimzMkaYaMMfGRKt0fYJd9FfBBBFZ5mSxvD9iTbu5v-fh2HbLPR9ro1-Z5kcKgJPfCB7xVvyCwac1d6zGccfqXVVxjEOyIGhf3qitqgWGEA-NzZSG5VdjGE3MvsRy3XhDvR7rJ_sRlz9Q81RnqDn4JkFO7k3Oin4mKwTSIpFv5ePk0X6zCMFGD4hKUSdVTmewoc832MFAhjdOfPJ8YDu17CEqjs30hIk03EtSF-MBCO7yIMQ4nao1nyft0_DxUKPTKJWKDzpPiVcmrUPATkCo8-n384Tz2ktaQ0cBv6rZlMz3MTzG48phRj8OjI9XZ3qP5nFTtqEQg1gnu18RjQvIyL5LipDo4Dfa29HlYNG3eONf_byUn4Q07KBn6eza3nnwFBnwGWi_ODQXcWbR8UOT3aNkJbCbfaaeb0KMGKDAQFqnof4CFr_1CZoTf-br10tBZQPykbyTfxG2VykGLUAODODDRICuNywijRGT0Z028InafdQIqQjBJpZZ1nIHkvAgX9Uw_llF5Q7eKbBkg3cdAZ3c6tpcLVkOg_eif5MPitgVL_b6TjeZul-RKjxRnEK5FmV1iQOynI3R9MFSCmbhwsOcsbryrsWEeRmNWrD6Ji5Y26NOeyoVcZQD6-WbeHPaeAaRnssJmZJheurcv7sb37AgEO370b1wwIWzd2-h73YC6y79JKAnBQLk7gcoRDvKo76s4nxIK72fWSfolcVZPaHlmLH0FUOl8XVMOesiLnI_yOoeAA_LlayzvoYUlyahhyNw0OrhX6-eessDNgvufMq9ue3KjP9T7B8y27e2AF2PWnbwaPQIUZluq6w
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame D7D6 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
181de6c0732b19c40bb433dfa1cfa2a0167a8e83f2ae8a642e7111469361e39b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BC4D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87691658&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
106beeb3fac4077adf9c3813ab56befd99a44fa7e93f8fa4f58d105588af6ebc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1843
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame A5C8
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1d49be3a-32e3-11ed-94f2-677f45bc236b
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1d49be3a-32e3-11ed-94f2-677f45bc236b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:34 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1d49be3a-32e3-11ed-94f2-677f45bc236b
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-10
server
Cowboy
Pug
image2.pubmatic.com/AdServer/ Frame 0092
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ded8d05cbe0549d4aaea1
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ded8d05cbe0549d4aaea1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Mon, 12 Sep 2022 21:37:33 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ded8d05cbe0549d4aaea1
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 5803
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:33 GMT
expires
Mon, 12 Sep 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1517007
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame CE0D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IEik9TknQUVu429l2S6RgZU4mbU
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IEik9TknQUVu429l2S6RgZU4mbU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Sep 2022 21:37:34 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IEik9TknQUVu429l2S6RgZU4mbU
33141
tags.bluekai.com/site/ Frame BC4D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0C65799C-ADAA-4108-A890-30B257FC431D
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4332f1d165c6a3ec4434c642cb2c8bc3&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=a2c2f461-deb4-4461-8898-1773ade8bb97&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=d986af95a5b85d04
62 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=d986af95a5b85d04
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=d986af95a5b85d04
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame BC4D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0C65799C-ADAA-4108-A890-30B257FC431D&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0C65799C-ADAA-4108-A890-30B257FC431D&addseg=10,33,39
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Sep 2022 21:37:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0C65799C-ADAA-4108-A890-30B257FC431D&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame BC4D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0C65799C-ADAA-4108-A890-30B257FC431D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C65799C-ADAA-4108-A890-30B257FC431D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C65799C-ADAA-4108-A890-30B257FC431D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:34 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:34 GMT
Frontend-ID
15
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=0C65799C-ADAA-4108-A890-30B257FC431D&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame BC4D 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-27.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:34 GMT
via
1.1 57a894c75d329d29ecabaa7a88eb80a4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
a-CitS4ldsr30HsoIVGosHi9wka7GplG3FzVXnq6IWCT55CvSBi3-Q==
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame BC4D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6740448256026770921&gdpr=0&gdpr_consent=
42 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6740448256026770921&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9727913f-6bbd-4f58-be28-70112ea0af92
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6740448256026770921&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BC4D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame BC4D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
42 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame BC4D 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.70.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-70-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BC4D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_db10aaf7-f2cb-45a7-8792-228a2ed7fc3e&bsw_param=840b9800-7fd1-40bd-a695-2bd7ac05ae93&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=840b9800-7fd1-40bd-a695-2bd7ac05ae93&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 12 Sep 2022 21:37:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame BC4D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_F61CC78F_5FCF8828&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Server
4.78.226.233 Fort Worth, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-346005455; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:34 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-346005455; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 12 Sep 2022 21:37:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csi
csi.gstatic.com/ Frame E7CB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l7zad9k8&c=4276998265919443&e=31068929%2C31069465%2C31061691%2C31061693&ctx=1&met.9=1.uh~2.wy~9.0~3_1.yh~7_1.0~4_1.112~5_1.119~6_1.11n&met.3=74.x4_1~947.x5~43.x5_1~947.x6~6.x6~91.x6~947.x8~95.x6_2~77.x4_4~724.xc_1~894.xg~660.xz~808.yi~808.yi~112.zg_1~94.10s~243.10u_3~947.10x~573.10x~598.10x~113.10t_5~646.112_1~800.113~800.113~800.114~800.114~800.114~774.11m~653.11n_3~801.11q~844.11q~825.11r~801.11r~844.11r~355.11r~825.11r~647.11s~965.11s~783.11w~863.122~863.124~863.12r~863.14a~863.14k~863.14k~863.14l~863.16e~863.16f~680.16g~863.16m~863.191~863.194~863.194~863.1bb~863.1bu~863.1bu~863.1e3~863.1er~863.1f3~863.1f4~863.1gv~863.1hk~863.1hk~863.1jv~863.1ke~863.1ke~863.1mn~863.1py~863.1py~863.1s9&met.10=1_1.IN4JEAAI-MkEGICYdSgA&met.7=CBIQBxgBIAcoBzBdOFZACEgIUAhYN2AbaDpwXXjYB4ABrAWIAfw9qgEXChVPcGVuK1NhbnM6NDAwLDYwMCw4MDCwAQG4AQPAAdbHu8gK~CDsQChgBIAcoBzCFCDj9B2gJcP8HeNbiAYABquABiAGmngWwAQG4AQPAAeLN6pYJ~CBsQBiAIOEXAAbTxpogG~CBsQCiDVAjhpwAHivNy9CA~CBsQCiDFBDgUwAG6kYTvBA~CBsQCiCeBjhGwAHg88-HCQ~CBsQCiCRBzgtwAHvutGfAw~CA4QChgBIMoIKMoIMP8IODZozAhw3wh4jpIIgAHijwiIAcvwF7ABAbgBA8ABx_a94wI~CDwQDRgBIMoIKMoIMPEIOCdozAhw7Qh4sgOAAYYBiAH7AbABAbgBA8AB6NSvzQk~CCgQChgBIK4JKK4JMMUJOBdorwlwxAl4qr8BgAH-vAGIAfD3A7ABAbgBA8ABm-H6cA~CC8QBxgBIMkJKMkJMJoKOFFQyQlY8glgyglo8glwmQp4kAOAAWSIAWuwAQG4AQPAAfGR6JoJ~CC8QBxgBIMkJKMkJMJ0KOFRAywlIywlQywlY9Qlgywlo9QlwnQp4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQBRgBINwJKNwJMJIKODZo7QlwkQp40BqAAaQYiAHOL7ABAbgBA8ABv-yJ2wE~CA8QDRgBINkJKNkJMLUKOFxo2glwtAp4slGAAYZPiAGstAGwAQG4AQPAAb_emusG~CCcQDRgBIK0KKK0KMNoKOC1orQpw2Qp47FmAAcBXiAGic7ABAbgBA8AB8_LLrgs~CCcQChgBINsKKNsKMIELOCbAAeLBm9oF~CBwQBhgBILIKKLIKMIMLOFBoswpwggt4rAKwAQG4AQPAAZSE4rUO~CCcQBRgBIIYLKIYLMJ8LOBjAAZmVn6AL~CBsQBRgBIIgLKIgLMLILOCrAAc_G2uIB~CBwQBhgBIJERKJERMLYROCXAAaHZ1rIJ&met.1=1.l7zad8ks~14.5~15.0~16.5~17.5~18.5~19.6~20.6~21.6~22.ag~23.ag&ec=6o.1rijrwm_6c.1lg12xw_-7pr_1_18e_46~8l.1rijrwm_3a.1lg12xw_tb_sy_74_1o~a9.8nncsn_3lj_6e_vo_1qo&qqid.1=COXr6aCbkPoCFQPOhwodmMIHGg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
x.serverbid.com/ Frame 2E2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://vid.vidoomy.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:34 GMT
usersync
x.serverbid.com/ Frame F2EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://vid.vidoomy.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4FC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=467673310874485&bg=!4uGl4aXNAAZTikH4c4o7ACkAdvg8Wq_lDyXSXsklsUGylhfQOOwOUWt0LGLQLeMtIRQvrLN1d6S2bgIAAABOUgAAAAJoAQeZAzRBV878MT2Kbgy34Vkd6v2Qiq03qHDbpYppndLzKhboan6xFwRIer6uQwFlO9cRHBcQLD5NwXokN6c3m685vr4lkz3oC9ddpp0qaFq8BFiKoeGSnO3u4_CG-I9gpoQgnuRICQAFFm4SRZ1HpJDaz50gPkpsyO33EwHaDJGA5rUKeg_psIrfIGbfPHiFTIwtRIfKl2VWVziyje-Gzt7dGhkzvLJUfVVIypo3zB1emyAkSpLBRc1GDxcISKn3JsjmaOAPEhEMsZvEDYri3s9pLkJV8Z6hPPQU_6DRnrWg1gZzSQfgVHYBjNtPIvNhC2iB5QBW4DFd_5WK11Ggnpv6axFEHp9YDum1xFvG0NHQWt7DnvGECW7luGfEUmZpsYMgtX0MBWm0OpjRYtOiFNcP0SsHN2uT-CCSD1_CJsKOOSGepiIJhEjL69MJPU563npqNO0WA-eetzwxTeQ_h4Xw-QPTLO8FGwrs2Ih0PlxGx-bdrDYaEsvvsA3GaWkrM1UJGgmJn-aRF4maEZ3mHAJkvUdQKriaXR74SE1Rj-zWSmsDFlIPUZj2IDbkdZepPqIx_Th-8Wq_I3tFCUSnbjMhuf8e6FWGacwMFXDliF3yQw-Vuwnw9T98vnrOumw5FEGCYFbdxVsr8-9FqSJ6Nt89SKdq_DN2vnS9_S04GdnXs21q0IlVZpx-D3NPd4oQl2tLtT927jpUjibux8pNC1d9YUA961WmdbP_zzSIM07QXGaTcFYi_tFKj9QjLuX6hdXY8DmEDX96WKHPB5Xx_hs71NlIQwHNZbxLgbFy7FixWpBpkXOPiXwf7Dyh26umxWklkQGSj5-qoyFsVC_mLEKSM_hMNxUYCa9WOjQgom97ganbTGWB0jjj_mRVnrZbQ0tlJospCDvCEMEiRDj_EuE30fsWMr5Fu40Nsc7JCMqDQymzDXfG0yCiGzD4raJgVPjo4eZEpxevMx65S8lpdqzNXh--7oL1FrGai2aTAovXFHabaVtMCK9ZR7WzSQ8_T_hsHdmJYqByqG_QH5ILua8TLWWmMW-ndvMaVuBpHXTYq2S7hvCqtr9xLz927rEBvo7fQCTjuB2d
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
usersync
x.serverbid.com/ Frame B39E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://vid.vidoomy.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:34 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AB89 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8464425&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d752bd177fc892e88ed290e24b59f6fd6aacc04798d86538610b5bcfdd2c5361

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DFB1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:a6VH6ePW1OxR7x5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:a6VH6ePW1OxR7x5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Sep 2022 21:37:34 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:a6VH6ePW1OxR7x5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0bda0781e5b899a6e@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B038
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=692474668868
42 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=692474668868
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=692474668868
Pug
simage2.pubmatic.com/AdServer/ Frame 2277
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=2238415957
  • https://sync.1rx.io/usersync3/centro/1508/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341?zcc=0&sspret=1&rndcb=2238415957
  • https://sync.targeting.unrulymedia.com/csync/RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 12 Sep 2022 21:37:35 GMT
ETag
RXaa4e4e25838b4a7bb968928038c26e99005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame D081
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=f85aa32f-15ad-48ee-967f-eeda0b87f821&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.131.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-131-238.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:35 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 12 Sep 2022 21:37:33 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=0C65799C-ADAA-4108-A890-30B257FC431D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
a.tribalfusion.com/ Frame 6D8B 		43 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
749bc903ef6f713c-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame DCE5
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
749bc903eb454bcb-YUL
content-length
0
date
Mon, 12 Sep 2022 21:37:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
Pug
simage2.pubmatic.com/AdServer/ Frame CCE9
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7163050551832802892&uid=Q716305055183280...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7163050551832802892
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7163050551832802892
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=27936
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 12 Sep 2022 21:37:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7163050551832802892
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame DEEC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 12 Sep 2022 21:37:35 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1663018655.359783,VS0,VE19

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 12 Sep 2022 21:37:35 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1663018655.326407,VS0,VE19
x-vcl-time-ms
19
Pug
image2.pubmatic.com/AdServer/ Frame 14C3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=VCRczv1jBNucJV6jn6YfYw
42 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=VCRczv1jBNucJV6jn6YfYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=VCRczv1jBNucJV6jn6YfYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame 4122 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 12 Sep 2022 21:37:35 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame B4A9 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:35 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-3f2c4f18d354@version_1.525v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 9FD6
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=Iuo35QDap
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=Iuo35QDap
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Sep 2022 21:37:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=Iuo35QDap
vary
Origin
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 12A2
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b757b3fd-5c48-4f82-8ee8-ea2d7cbe9229
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b757b3fd-5c48-4f82-8ee8-ea2d7cbe9229
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b757b3fd-5c48-4f82-8ee8-ea2d7cbe9229
strict-transport-security
max-age=15724800; includeSubDomains
epx
um.simpli.fi/ Frame 5777
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://um.simpli.fi/epx
43 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/epx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.60.66.35 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
23.42.3ca9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
content-type
image/gif
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
pragma
no-cache

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
Sun, 11 Sep 2022 21:37:35 GMT
location
https://um.simpli.fi/epx
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 7F14
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0F544501480B4ED1A98BD63E61B44B8D
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0F544501480B4ED1A98BD63E61B44B8D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
Sun, 11 Sep 2022 21:37:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0F544501480B4ED1A98BD63E61B44B8D
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
x.serverbid.com/ Frame 8E02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:34 GMT
/
io.narrative.io/ Frame AB89
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:0C65799C-ADAA-4108-A890-30B257FC431D
  • https://io.narrative.io/?io.narrative.guid.v2=1d9ce560-32e3-11ed-90ee-126ccf625bfb&companyId=673&id=pubmatic_id:0C65799C-ADAA-4108-A890-30B257FC431D
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=1d9ce560-32e3-11ed-90ee-126ccf625bfb&companyId=673&id=pubmatic_id:0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
HTTP/1.1
Server
35.171.38.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-38-224.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:35 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=1d9ce560-32e3-11ed-90ee-126ccf625bfb&companyId=673&id=pubmatic_id:0C65799C-ADAA-4108-A890-30B257FC431D
Date
Mon, 12 Sep 2022 21:37:35 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame AB89 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C65799C-ADAA-4108-A890-30B257FC431D&gdpr=0&gdpr_consent=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.231.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-231-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.45
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame AB89
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0C65799C-ADAA-4108-A890-30B257FC431D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66%2C
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:35 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2c2f461-deb4-4461-8898-1773ade8bb97&ttd_puid=1ae18a8f-69ba-4fa5-9048-7e4f69043c66%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
Pug
simage2.pubmatic.com/AdServer/ Frame AB89
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8514218752795873796
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8514218752795873796
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8514218752795873796
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AB89
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6740448256026770921
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6740448256026770921
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:35 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
20fd44c7-2d73-453b-8489-2f0082be20b7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AB89
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:071774bb-d327-4273-a3dd-56debf77e4fe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:071774bb-d327-4273-a3dd-56debf77e4fe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:071774bb-d327-4273-a3dd-56debf77e4fe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 12 Sep 2022 21:37:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame AB89 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.73.10 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-73-10.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0C8B 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22400501&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame C180 		47 B
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8008586&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
usersync
x.serverbid.com/ Frame DD99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:34 GMT
usersync
x.serverbid.com/ Frame 985D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:34 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&bundle=zCh4B19WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4eGFYeE5hVEFaQlh3JTJCbFYxWnFiZzBkUWg0U3hLNXZOQjRRS3NuY2RReVZ6SHZrREJ0SSUyRiUyRlFlUEVyUlIyUG5PbjQ1ek5pRHZsciUyQk1JbmVoYUJaczBUR3VaVnduOVRUSGFUT3NQOFBJUHZBZ0dEakNsaWNQbUt6aXJ6biUyQnIzaTc4dyUzRCUzRA&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.krem.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 21:37:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
666543
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame E7CB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&bundle=zCh4B19WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4eGFYeE5hVEFaQlh3JTJCbFYxWnFiZzBkUWg0U3hLNXZOQjR...
  • https://mug.criteo.com/sid?cpp=fjoKI3w4VnE0RTRNejJtbEQ0R3o1OC9sRi9jdzNSRU1Md2hzbWVsdmlpOU5tSzdQTHhEVHMyM0haSkp3RnY2THFOdGxKemJDdDNtcFFOTFlMOVNkWW05R3hTbG9HMmFQQ3p6U0kreWZabFE3Sit2d1VlYjU4c1FXMmwwVD...
425 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fjoKI3w4VnE0RTRNejJtbEQ0R3o1OC9sRi9jdzNSRU1Md2hzbWVsdmlpOU5tSzdQTHhEVHMyM0haSkp3RnY2THFOdGxKemJDdDNtcFFOTFlMOVNkWW05R3hTbG9HMmFQQ3p6U0kreWZabFE3Sit2d1VlYjU4c1FXMmwwVDdXVDRmdkRuaFl3WWxGLy83SmNDamNFVzR5OGhlZm8wdUdzRktjdit1OUpWcjlBQWN1ejZOSEg4QjdrcjNXOG9xL0syVC9zcXltZE1sVVZUamYzRDNReldhdldhaHVYRTE3bTI3a1hpTGJaQTNLM0lONjA0V3VWeG1TTGVaS2lyYUt1bVpxQ245a2JsR3A0ekthRmcvdk9zMERUVTdlVGJOZzBzWXNQcHVjZ0diOC9pa1dYWT18&cppv=2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
20cbf3399bf25d45cfa18b3b3eeb4c4999772145926cbf9f462713327f619d76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:34 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
902949
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=fjoKI3w4VnE0RTRNejJtbEQ0R3o1OC9sRi9jdzNSRU1Md2hzbWVsdmlpOU5tSzdQTHhEVHMyM0haSkp3RnY2THFOdGxKemJDdDNtcFFOTFlMOVNkWW05R3hTbG9HMmFQQ3p6U0kreWZabFE3Sit2d1VlYjU4c1FXMmwwVDdXVDRmdkRuaFl3WWxGLy83SmNDamNFVzR5OGhlZm8wdUdzRktjdit1OUpWcjlBQWN1ejZOSEg4QjdrcjNXOG9xL0syVC9zcXltZE1sVVZUamYzRDNReldhdldhaHVYRTE3bTI3a1hpTGJaQTNLM0lONjA0V3VWeG1TTGVaS2lyYUt1bVpxQ245a2JsR3A0ekthRmcvdk9zMERUVTdlVGJOZzBzWXNQcHVjZ0diOC9pa1dYWT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
633686
content-length
0
expires
0
id
id.crwdcntrl.net/ Frame E7CB 		154 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156319/4551/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.231.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-231-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4063ae133c3836b3ba43779dc6b030a3e44c0e7396b7435bd102947218745ef7

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
x-server
10.40.45.175
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fjoKI3w4VnE0RTRNejJtbEQ0R3o1OC9sRi9jdzNSRU1Md2hzbWVsdmlpOU5tSzdQTHhEVHMyM0haSkp3RnY2THFOdGxKemJDdDNtcFFOTFlMOVNkWW05R3hTbG9HMmFQQ3p6U0kreWZabFE3Sit2d1VlYjU4c1FXMmwwVDdXVDRmdkRuaFl3WWxGLy83SmNDamNFVzR5OGhlZm8wdUdzRktjdit1OUpWcjlBQWN1ejZOSEg4QjdrcjNXOG9xL0syVC9zcXltZE1sVVZUamYzRDNReldhdldhaHVYRTE3bTI3a1hpTGJaQTNLM0lONjA0V3VWeG1TTGVaS2lyYUt1bVpxQ245a2JsR3A0ekthRmcvdk9zMERUVTdlVGJOZzBzWXNQcHVjZ0diOC9pa1dYWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
287290
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 6268 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TTC4KX4VBHCGMTWVGHKA
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&bundle=zCh4B19WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4eGFYeE5hVEFaQlh3JTJCbFYxWnFiZzBkUWg0U3hLNXZOQjRRS3NuY2RReVZ6SHZrREJ0SSUyRiUyRlFlUEVyUlIyUG5PbjQ1ek5pRHZsciUyQk1JbmVoYUJaczBUR3VaVnduOVRUSGFUT3NQOFBJUHZBZ0dEakNsaWNQbUt6aXJ6biUyQnIzaTc4dyUzRCUzRA&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.krem.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
332836
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4FC8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.krem.com%2F&domain=www.krem.com&bundle=zCh4B19WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4eGFYeE5hVEFaQlh3JTJCbFYxWnFiZzBkUWg0U3hLNXZOQjR...
  • https://mug.criteo.com/sid?cpp=3L8BCnxsRndPMDdGNGZzL0ZFQjNsZEZBTTlZUTdWUERRNWFmWkozY21ZVDhMWXNjVXNER1V1TkRDSllEaEpRQmJtKythaTI3WFNsK2kvTi8rWDQ4L1Frb1hOVGdlR2JxdjJ2bGhkckl3SG1UOEM4eDVwWnN3RXc5cjlxdG...
427 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3L8BCnxsRndPMDdGNGZzL0ZFQjNsZEZBTTlZUTdWUERRNWFmWkozY21ZVDhMWXNjVXNER1V1TkRDSllEaEpRQmJtKythaTI3WFNsK2kvTi8rWDQ4L1Frb1hOVGdlR2JxdjJ2bGhkckl3SG1UOEM4eDVwWnN3RXc5cjlxdGc4NWdRRkdGbWtZVHNodkZvU2xSVVU1eTFSZW1DZnI3ZmVEUFV2ckxiV1h0eUlRbnJhRmZML1V4YlNoNi9lUjBjeERUSmN0QzNnT3hGNmNvWDRhYTVPdGsrYUo2TzRSWk9DZXBmNVVXUjIvZlJaMWhCYkt2ajdsemVsa01zQXVzSDVSRXVqU05qU01xdFE5ZFFzVmQzaU9LanVYOUFDZGd6NjlaNHAyMitXa1FESjJ2bjNtOD18&cppv=2
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ac6001a1c69c19b366fafa0a8112e1f76323a0e354abb3f27a4e0dd32538a90c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1501647
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3L8BCnxsRndPMDdGNGZzL0ZFQjNsZEZBTTlZUTdWUERRNWFmWkozY21ZVDhMWXNjVXNER1V1TkRDSllEaEpRQmJtKythaTI3WFNsK2kvTi8rWDQ4L1Frb1hOVGdlR2JxdjJ2bGhkckl3SG1UOEM4eDVwWnN3RXc5cjlxdGc4NWdRRkdGbWtZVHNodkZvU2xSVVU1eTFSZW1DZnI3ZmVEUFV2ckxiV1h0eUlRbnJhRmZML1V4YlNoNi9lUjBjeERUSmN0QzNnT3hGNmNvWDRhYTVPdGsrYUo2TzRSWk9DZXBmNVVXUjIvZlJaMWhCYkt2ajdsemVsa01zQXVzSDVSRXVqU05qU01xdFE5ZFFzVmQzaU9LanVYOUFDZGd6NjlaNHAyMitXa1FESjJ2bjNtOD18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
454134
content-length
0
expires
0
id
id.crwdcntrl.net/ Frame 4FC8 		154 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156319/4551/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.231.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-231-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f8e04afdc2f6ee5ac15f842be5d59fb6d5f02091080f250c764023df488b5d14

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
x-server
10.40.7.94
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3L8BCnxsRndPMDdGNGZzL0ZFQjNsZEZBTTlZUTdWUERRNWFmWkozY21ZVDhMWXNjVXNER1V1TkRDSllEaEpRQmJtKythaTI3WFNsK2kvTi8rWDQ4L1Frb1hOVGdlR2JxdjJ2bGhkckl3SG1UOEM4eDVwWnN3RXc5cjlxdGc4NWdRRkdGbWtZVHNodkZvU2xSVVU1eTFSZW1DZnI3ZmVEUFV2ckxiV1h0eUlRbnJhRmZML1V4YlNoNi9lUjBjeERUSmN0QzNnT3hGNmNvWDRhYTVPdGsrYUo2TzRSWk9DZXBmNVVXUjIvZlJaMWhCYkt2ajdsemVsa01zQXVzSDVSRXVqU05qU01xdFE5ZFFzVmQzaU9LanVYOUFDZGd6NjlaNHAyMitXa1FESjJ2bjNtOD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Sep 2022 21:37:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
400225
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C3CA 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Sep 2022 21:37:36 GMT
Expires
0
Pragma
no-cache
2.m3u8
livevideo.tegnadigital.com/krem/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/60864e9e-a147-4319-ba2d-8880ed2cbf20/ 		2 KB
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/krem/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/60864e9e-a147-4319-ba2d-8880ed2cbf20/2.m3u8
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49646ba4037f0789a2229fa3bfda2c5dcc8f2d1a9844bcab2acfbac30fa3c766

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amzn-RequestId
d3d2fd71-01df-4604-90c4-6c495ae17500
Connection
keep-alive
Content-Length
303
Pragma
no-cache
Akamai-Mon-Iucid-Del
926974
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 12 Sep 2022 21:37:36 GMT
live-31_01375.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		496 KB
497 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01375.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
25c5394beb45020f49ad44bc5155d759849739bf10197ef0375082e59cf1abd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:36 GMT
Akamai-Path-Timestamp
i=1663018651.785;xi=1663018651.800;xo=1663018654.249;s=1663018654.311;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018651.787
Content-Length
508352
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:31 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535977
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:37:13 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_2_3/infra/ 		825 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_2_3/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
74c35f65412520f76d71f258c7d7fec748ba5b83707a5b58925cce8bdaf410ca

Request headers

Referer
https://www.krem.com/
Origin
https://www.krem.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
via
1.1 varnish
age
570321
x-amz-meta-mtime
1662448202
x-cache
HIT
x-amz-meta-ctime
1662448202
x-amz-meta-mode
33188
content-encoding
br
content-length
141089
x-amz-id-2
kTIVfC1WNUQ5//iSucmFBG1WLlH5L+vZuAaBtQUlzvHPjHQ6U9avvQWQu7krYD4carh8uIhA1sk=
x-served-by
cache-yul12832-YUL
accept-ranges
bytes
last-modified
Tue, 06 Sep 2022 07:10:03 GMT
server
AmazonS3-br
x-timer
S1663018657.544861,VS0,VE0
etag
"98e17939db0de6131abcf52f52ca0309"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
A98E7AFRDXAX9TB3
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
54847
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_2_3/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_2_3/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
via
1.1 varnish
age
570321
x-amz-meta-mtime
1662448220
x-cache
HIT
x-amz-meta-ctime
1662448220
x-amz-meta-mode
33188
content-encoding
br
content-length
8297
x-amz-id-2
vv4sBJi/qI4BADAYROHnjz7cNKd2dbOXAefPLbX/KugHBUHrMl2OVB3VK1ucUAt85nx3Ytfz41E=
x-served-by
cache-yul12831-YUL
accept-ranges
bytes
last-modified
Tue, 06 Sep 2022 07:10:21 GMT
server
AmazonS3-br
x-timer
S1663018657.518698,VS0,VE0
etag
"a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
A98EGCQ1QS8QJFXV
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
583030
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.0/ 		427 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.0/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
353a4268a37810e1a3b66ebdbeefc3cb7f658794a00fbfa1c9928dc8c8405837

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
via
1.1 varnish
age
570508
x-amz-meta-mtime
1662448084
x-cache
HIT
x-amz-meta-ctime
1662448097
x-amz-meta-mode
33188
content-encoding
br
content-length
86924
x-amz-id-2
ZuiNbH4ruYMDS9m2PzEaB/5b7T/SnlzyXpZpaJnnG7KM0qG6apDYzOUZyD/1jzxNugSLNtdrPdk=
x-served-by
cache-yul12831-YUL
accept-ranges
bytes
last-modified
Tue, 06 Sep 2022 07:08:18 GMT
server
AmazonS3-br
x-timer
S1663018657.719001,VS0,VE0
etag
"c2a8868b0771ea96f81cfb8bedfb1704"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
V8MAHEDWF5Z8SKRY
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
539620
sync
us-match.taboola.com/ Frame BACD 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7oqoCFgNbSF7ciR5n2gRbSF7ciR5n2gUAAAAGBvQHJOUbDic2k3Ot3Gw2a9FuOHMLV7vNWrkaLjajhW1iXI6MQFK-4XBiMznXys1msxbthjO3cLXbrJWr4WIzWtgmxuXICiPGcpkMaoGEZfb7DmqG027Q8M2ut90gKrreFrvDafa8oQJNp8Pnutfrfr-71vJy2zV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAJhsC0SEHQvvtpsvLYfYHAAAAAAgAAAAACYAA4GQJgAdZ6cn_________f8wAfeaNzP____-NQg_Agw_AgxAAAMDFEAAG4Vev66Y-EYFiESMAAACASpzM2qNJnVBZVP3___dbAVwBAAQMzoguM2XpDkq8hQEAAACMLdDD4vebHXaN3-2y_________3-z_7N_NCEbAIA04UkUe7VfQACAtV9AAAC2cQMAeAuACzqCVgwGqyOI3XI4OwAAAIC7____fz0Qm5hsI8_MNxq5TLOFbWXbmDYT58xmGlk2zo1tuD3eAqcLrdUh2b4SYZn9voOa4bQbNHyz6203iIqut8XucJo9B_FBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0v4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYoWDSar0WiymAxXo8lqtlzsdhukaNVqNtoMhqvZZLbbrYaD4XI0wglbjFaTyWY5nC0Xk8FwNByNhggzw8VoNvEs3CrjaOIWrSyDtXI5WrkVo8Vy47KZLDbfYi16fUwPx3KycSy8KBhQsRfJ0yKdKDa-1XAzGiw2Nstk5plMZhvXxDib2RwL32aw2kzEEs3JIp3ILvvaxGQbeWa-0chlmi1sK9vGtJk4ZzbTyLJxbmzDfWe4GM0mnoVbZRxN3KKVZbBWLkcrt2K0WG5cNpPF5lusRa-P6eFYTjaOhb8xm20Gi-FsNdg3ZrPNYDGcrQb7DpPpmfqcjcbD9-8xubymazJ9cxgULoPFu1KdVtqC5KDNXkVOl2amLOqMyud35DUoPAeP6jOsKZ7PcC0knk2-B6Milggu0ono5bM73FrLy20RS5Smi3SiL_rdLsPD5_JXxBLB6SKdCP1ul0X9R4cYLeeq2Vyx2swVw8UqAQAAAAAAAAAsYcq8CQAAAMBpELPNcrhb50Esl4vhaLVcgAfrFN2fcnsWpeze3N1cD8kauCsq5eLGjxXo5bM73FrLy21lgAdrBebNnwlirVbLGgAAQAAbAABAgFs3b4HoUPz___9_HAAAgIwcPQAAAP0-EFUD3Oi1Qg__QKsGAw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_3/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bb5334349c484ba60ba5a100be2c130f2c098ecf712e341074f908ff80a0d123

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 12 Sep 2022 21:37:36 GMT
machineid
3107
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.krem.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish
age
2041808
x-amz-meta-mtime
1497790207
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-yul12831-YUL
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1663018657.764239,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
content-type
video/mp4
access-control-allow-headers
*
x-amz-cf-id
0Wwp0qQPTOe4z1VTy46V7usYwzVot9xEt7H5eXIsV8sUReRowYzRVA==
x-cache-hits
924624
SPug
simage4.pubmatic.com/AdServer/ Frame D7D6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame BC4D 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160138&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
2000210.html
sync.serverbid.com/ss/ Frame 833C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000210.html
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9769/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfbebe61b59d122f656a1e968a56f023bae266057f6138950214a971dd9ae620

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
53575
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 06:44:43 GMT
etag
W/"e0a2ffda3ba4c2e59fae557b277a7f63"
last-modified
Sun, 11 Sep 2022 17:21:41 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
x-amz-cf-id
9a_q59-tj8CWH0FYWY1v_JX_-6Bc-LX0e04UxJYSWEeRV5lumo_e8w==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
pubcid.min.js
sync.serverbid.com/id/ Frame 833C 		58 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/ss/2000210.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 13:37:30 GMT
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
age
28808
etag
"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
59798
x-amz-cf-id
1kht6Oxr9a0mi7H3KbhOJucuwP3G_URIGHxeCJ207BmivC8zNhFsCg==
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a...
  • https://prebid.a-mo.net/cchain/0/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=sovrn&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNu...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%2...
  • https://prebid.a-mo.net/cchain/1/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=pubmatic&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJ...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-c81b-40a9-83e7-1a00900a3b88%26bidder%3Dappnexus%26cbx%3DaHR0c...
  • https://prebid.a-mo.net/cchain/3/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=appnexus&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJ...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F181%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dc334e879-...
  • https://prebid.a-mo.net/cchain/5/181?gdpr=&gdpr_consent=&us_privacy=&A=c334e879-c81b-40a9-83e7-1a00900a3b88&bidder=index_rtb&cbx=aHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0w...
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c334e879-c81b-40a9-83e7-1a00900a3b88&gdpr=&gdpr_consent=&us_privacy=
35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c334e879-c81b-40a9-83e7-1a00900a3b88&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=c334e879-c81b-40a9-83e7-1a00900a3b88&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 12 Sep 2022 21:37:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
35 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Mon, 12 Sep 2022 21:37:37 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=9&spui=&dpui=6740448256026770921brt53451663018651931712bd
date
Mon, 12 Sep 2022 21:37:36 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame 833C
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=978477409158715723
Date
Mon, 12 Sep 2022 21:37:37 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dN83W5wIibEf%2B%2F%2Bi8PWmYIKHCLbPSObtIaPQonBUPIdQOroxSifdIaiphmvPs%2F2IPtd8eoKE0Iz2dpqKDeNDXfl3D2b2jwVhLOmjetrohr6Y6%2F2nfwqTkwjqkABCwoez01yvKHHU06LFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Yx.mm01KsayL.r.TyKhWBAAA%262923
cache-control
no-cache
cf-ray
749bc90f8ed2cab4-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:36 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5531&spui=&dpui=5382a571-0a97-4a06-8f36-7cc48eea876f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
gvo2qi56iprii4q2ro2p51qeavge7jca
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:37 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7e939fe4-c289-47ab-88b4-7cfdbe6e43eb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6740448256026770921
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 833C
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Mon, 12 Sep 2022 21:37:37 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91B4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.168.205 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-168-205.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=40299
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Sep 2022 21:37:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 13 Sep 2022 08:49:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame 76F1 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Mon, 12 Sep 2022 21:37:37 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AZySJBacH4b/n00NAA
x-77-nzt-ray
tWgW082/WMc
x-77-pop
newyorkUSNY
x-accel-expires
@1663183618
x-age
871839
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 833C 		109 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
423576d0784c7f72dc8ee510894066a067b3c05f7c61040e39f4a6d81a83b966

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 12 Oct 2022 21:37:37 GMT
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=6ace4f04-dc3d-4653-8c3d-6ef7c5dceeaf
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=6ace4f04-dc3d-4653-8c3d-6ef7c5dceeaf
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:37 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=6ace4f04-dc3d-4653-8c3d-6ef7c5dceeaf
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
usersync
x.serverbid.com/ Frame 833C
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=2362538231446745451
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=2362538231446745451
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=2362538231446745451
date
Mon, 12 Sep 2022 21:37:36 GMT
content-length
0
usersync
x.serverbid.com/ Frame 833C 		35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=939bee39-5c52-4625-b1ce-b6b9c37f0000
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usersync
x.serverbid.com/ Frame 833C 		35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=5573&dpui=33c6de2e-0f72-4e1f-ac93-2a6332dc0eea
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usersync
x.serverbid.com/ Frame 47AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=0C65799C-ADAA-4108-A890-30B257FC431D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:36 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AB89 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bid
c.amazon-adsystem.com/e/dtb/ 		136 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=5&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_mid1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_mid1%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
4f7403a4d0c2a281f85c7aa0fb9012f596bdede4e5ce5bf8376534d61c474520
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
EAQCYKQYXWPA3BAXW39H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
136
x-amz-cf-id
gS2negOSLbDmmbb5kT374VDPJtavgAkmt1Ogf9f5hH0RzMLta-g4EA==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		136 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=6&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_mid2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_mid2%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
61177542a4e6fb6521d201aa8a0fb695e642ad3d42422f69555d9af2567e0bfb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
VVG0M09F9EDC1MYWH3W9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
136
x-amz-cf-id
IH2URJbJeA70IqVVc5fbbXMXK3C4X5Mzm4pQKOdtlgGkpSisVIei4A==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		136 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=7&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_mid3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_mid3%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
a95965df410eb11b32a1a91c238b42336e83905c4faf7223ca321f3e78de6716
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
MD8E54KCK9KJH98205R2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
136
x-amz-cf-id
RwU8fGZXfeVSTYL3fx8YzrdE1yXsrE6T_YAH00DEre_YkCfngfLoUg==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		136 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=8&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_mid4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_mid4%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
7d9e1b6d1ee612109da1727c68a099ddafcf60f35816b4fde211381546dc56d6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
733J7RWCN1NV7YC0TWHF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
136
x-amz-cf-id
yAWFLllBsuEtfsnED8EOQj7L5m9ku5FIfUyAhOpxmc-qVF4lSUwunA==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
/
hb.emxdgt.com/ 		0
0
v2
e.serverbid.com/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e536b2c1882bb1a4099bce0174bf7159388d0bc7b63d66e4e0f20fccb620fcde

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
2862
cygnus
htlb.casalemedia.com/ 		12 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645680&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2278649c496da0d46%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2279ab18a41c060e5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645680%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6fea980de946f4c2504676c6a402e6dde845b1915a23845d70b5de03af0222

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUY%2FLZM02Ta6ZNv0i6UxuJK7FKX63Z5qpvIlE9WGf43k0fgfPjSgUg5hz41gUPE4VC4%2BPXD2mhtXyLYyPhjxA6JigDO6%2BcOJApbgP3%2F7Vv0so83mtNDk0D72U51wyAHe4mmgQ7sw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc9192e753fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
accept-ch
user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.undertone.com/ 		0
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
UnvyaLD7X-bsbd30uewIu8Egvm69NxtMCfD4HAOk5UHkmEdNJar21A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=39676889306
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		875 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
d61b6901954ff2c0aaf9b5e6a470776ba3e23f12f2c5d455ed7276294b67e6cb

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
495
bid
c.amazon-adsystem.com/e/dtb/ 		136 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=9&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_mid4_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_mid4%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
bc519a148d36c7106566d222724cfb7ded9c3bf637d3b12b9a8c070bc69953af
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
2RDCHHNMPGT5WAHQZD5H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
136
x-amz-cf-id
7TnMdX-pdn7P0wJ6ilzS0y7HvuXKmpRxKxt_9202fZlh-11tNvmWkg==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		137 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=10&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_mid5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_mid5%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
ea71cb853afd282eb3897cf4acbb2ec1ba230631bf065d1c1829b7d482ebe762
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
KZZHQVBXC96DM4PYXM8P
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
137
x-amz-cf-id
2LX5qBqS9qCfDJFG9W5lpRRoRdg1sZ_vCAWrK914OfQZOFHG3_jUvQ==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		137 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=11&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_leaderboard_btf%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
ad34f3ba91a2787950f4c7349509c097c10a71cb9fa663adde66c83dab8d4d4f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
0WCRVJNG1G6ZCC4VHY9N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
137
x-amz-cf-id
cAtDKWKd4layUA59K2XUhd2JciEM5EW-JmjfEUvQN4Pn5ZSnjzqS8Q==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
v1
btlr.sharethrough.com/universal/ 		701 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
293561fc09e4ff39e90c2020da189e45ed82adf4494832bf6de0e3a227c27b85

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
456
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645681&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22968008b2ec9719%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22979d516b505bd1c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645681%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22645681%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e7d0a668919264c3cf9eb290b51efa557043f86927e3acab6f606a5a572212b

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUN13ermME87WizhiY0YcuS%2F%2FSFG4BSb%2Byq2J3%2BUBZWSRSVHaH1UBqpm2errZ25E%2FhUkRF1J7gvsY7aXYeDsS8oM77m5yhPlP%2BStufi7BZ6nGSmKRUrRlY46ZLp2fg%2BYgBUsfeyo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc9193e783fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=10749740296
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
hb.undertone.com/ 		0
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
y1MN7CgrCpfYYazndgdfaqXTPdDxfwX0Sss_gmJH2wxxrwLBJnM8fA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018658741&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v2
e.serverbid.com/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6cdf359ba2260248f8a9d4f527e53d5dcd7d02d2d653c0a28907c0158b293840

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
2859
bid
c.amazon-adsystem.com/e/dtb/ 		137 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.krem.com%2F&pid=DY9fHcKPMJx5X&cb=12&ws=1600x1200&v=22.8.252032&t=1000&slots=%5B%7B%22sd%22%3A%22front_interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F32805352%2Fwa-spokane-KREM-B3354_DesktopTablet%2Ffront_interstitial%2Fhome%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*LcQdgUxELN9N8tSqHLD_1WUWiBHl01q65lQo9qoP3hkiwM9YRJr9cWHTNYi46rs4%22%2C%22lotame%22%3A%22afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-93.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
fc17530752af6e7db1489ceffc6f6e5332f925bf9cd3c6a4f486eed8e3349f10
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
3VRXXN2PQYH09R13HSWQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
137
x-amz-cf-id
LaiMBmieOnRTypC2wA2S23FTq3iap7MNMGaLO0-mebOo4_uLNXSTHA==
targeting
tegna.profiles.tagger.opecloud.com/v1/ 		98 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tegna.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Fwww.krem.com%2F&fpid=ae8e460c-8bff-4416-9d55-a67bfab48a7b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/krem-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.221.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-221-162.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.4 /
Resource Hash
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.4
cache-control
no-cache
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645682&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221097c0b9205bb539%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221104e7f6b4b29551%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645682%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22645682%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b17bda2d04c03d4032b97ab83a8b7d382abe88f679c7ed01e0da6e204bec275

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2agpm94x2NfKPToKTP9EzBEMl40Cc544IFQKemOJcLYF9W1ttf0aemVCk9pUWDB32HSthw4t1iMTkJawpqXsc8rFCDfZNKzRbQBvCgXSxsRck2xW%2FWkkNfoIanoU5mkL7xUZG9w5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc9195e943fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
v1
btlr.sharethrough.com/universal/ 		610 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
87ecdfd85e154483ba32dd52e4eb8bf1f65ad92762b18b6639ce816f3676e2cd

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
439
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=29292927584
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
0fd4fd72dced22d2465a4108522f4aed9d06b387c43db0673ab40ca6ff57583b

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
2861
/
hb.emxdgt.com/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018658763&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e9a087a125682aea2e97c088c5fcc623b45d714487f79f82a714c77bd14c1918

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
4542
content-type
application/json
hb
hb.undertone.com/ 		0
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
9fpSbmoedleRQZNlfA6SUHD4OkGS-IU_m3JP13i1TFu2OsYLf3R_jQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645683&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212635f4bd9be60df%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22127b10f93c80705%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645683%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1840ab1d48297c8d9eb95c59ec03d554ad6ae128ff431cdfb2122b347bae29a8

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mzh6885I%2Bix%2BFJfC9Tdy7zEvgC7xXhb0sAS9s8AD364oCDSnXbH1VfEZvlmZ93wULZ0bhLqjsDV2%2BNGpD5AvHNBN9dsAyNGuhHqGxsd4uKfq6%2FZCAEF7%2Fa4jegV7mL2NQlyPLijB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc9196ea83fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		716 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
0f9d990667b5952791aa09f73d59ba739faebb4a8e7ae88d7346612056efe507

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
453
hb
hb.undertone.com/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
kcrMFtmU-lPv5MiyWvgvlmYUJrnpKnf7vK2YE6tIEe-ByXVHdCT4IQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=43449927132
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018658773&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v2
e.serverbid.com/api/ 		16 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
usersync
x.serverbid.com/ Frame 76F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=6227&spui=&dpui=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://vid.vidoomy.com
access-control-max-age
10080
date
Mon, 12 Sep 2022 21:37:38 GMT
v2
e.serverbid.com/api/ 		16 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
cygnus
htlb.casalemedia.com/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645683&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22142737c7d307fb25%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214323d2ec7488944%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645683%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22645683%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd99f527ba9626ab3b99fd526418bb14542153c24acfa93e80f0616221cbe320

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vJHS13rIVEhyrKL6uU22tB24YK%2FGbIrO%2BYw8fZkh8IITPXgLz89OvltniHFVkcjuURXGThhzXtpZjToKQiZOU9TFHmV1PDc0TtkvwSMKEXUH1HD1yQEPwA6wFya9lO3tBWv52wL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc91a6fd43fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018658926&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		781 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
be1ccbff52cd3b34de345efe7f2168dfc039d46e35b78a491d0e275e30b2d274

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
496
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=11729841433
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
hb.undertone.com/ 		0
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
xf3Ux0NYGhIsi5bttnD-P2-GO9criaSkoU6fYIU4ptOzqMTa3wzQfg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645684&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22157d20d3e98e3a52%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22158d87bad29da784%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22645684%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb749673b2dc793267b0acaed8a8db2489083aca737701da8073adf4794256b

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9K%2BsZwxYs9l%2BzCruEt4a3rLCqqK8avdS9YEdkpMyPNHF%2FqVkqmsR9aAAETlsnBu9DYwid6QcDVKdOJV8VPjnTIbIM6sOX2DWci948RqHFV%2FE9jZ0rGt%2B2fmonK3Ow8jYMJrdmjH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc91a98163fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
/
hb.emxdgt.com/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018658968&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
94b92f18e218aa64d2ef492b296eecf4d3bb3a85bc36851155b4e5113dc7a27f

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
4561
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=46988128180
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
30230b320ac7cc4555cb9be8a48e0fe229beb9302923e1ea41701b83d675e199

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
2866
v1
btlr.sharethrough.com/universal/ 		513 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
b827654fd70402513d5340d5eb285bce5d9f1326dfb2fad2f76d796fa7347299

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
282
hb
hb.undertone.com/ 		0
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
jDGSe6iJoAO0jh1bgltaDXWPc24ordN75znCW1djuorHep6u32awiA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.3&cb=92834012543
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		385 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.20.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-20-69.compute-1.amazonaws.com
Software
/
Resource Hash
c1e3776e46d46ba266df8bfb2126d981d51c2077b7a480d8cc718ce5765f6ace

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.krem.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
298
hb
hb.undertone.com/ 		0
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=krem.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-89.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:38 GMT
via
1.1 8ca36406fe3aa11c1641e5bc917c8a74.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.krem.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-id
YCH4u7TBBo01sBUbpzhJLoNu8zHjJbZvS4IWgwP-kTGvP1-PCGjWHA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=645679&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221798893159b7094d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.krem.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22criteoId%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221806cf3770693624%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22645679%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd81803f0fece4c1cbd5fce9947ccf5c4bce36afe4eb50c5353527f030cbe085

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ixUKltV41%2FtM3%2BetFZvQ%2FU3%2BPXkvnE3ktlNHNtxJJyvidc3RgxqPWoAvLtSj0mkASv8rwMW7%2FZqGuZtyTpw%2BIrkfSgC6k8lnGb1OkN11nYiWoULbfbuRdNjWOtcKqBBwxjLXgzo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.krem.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
749bc91ac84e3fcd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1663018658995&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.27.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-27-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krem.com
date
Mon, 12 Sep 2022 21:37:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c05064bcf2f7a1a0a4bf1c24c4a4b64eb0ecb7ea3f714368a0a7c3d88e612ab2

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Sep 2022 21:37:38 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.krem.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
2877
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.3&referrer=https%3A%2F%2Fwww.krem.com%2F&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.67.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-67-133.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
accept-ch
user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		469 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=1403206827980504&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_interstitial%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&adks=3632451170&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659025&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=800&adys=7305&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=1600x18&msz=0x0&fws=4&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
300cd737387a6d27fb9a843983d280eefdac085e5f3d571cf1a9b6df1c58cdcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=1368438953821274&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_mid2%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=7&adks=396454626&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26pwtsid%3D138095274166b169%26pwtbst%3D1%26pwtecp%3D0.12%26pwtpid%3Dconsumable%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D300x600%26pwtplt%3Ddisplay&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659061&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=1040&adys=2206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=516&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1e9fbe889409754c41031bd11c912d001f6f894075e32ad2f17e2b5330c9c1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
84552
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19965
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
106208
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=2171304876943011&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_mid3%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=8&adks=4026828632&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26pwtsid%3D1440821b397a24be%26pwtbst%3D1%26pwtecp%3D0.12%26pwtpid%3Dconsumable%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D300x600%26pwtplt%3Ddisplay&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659076&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=260&adys=2726&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=516&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e80708b06d26554dcb145cf91ee7030a9a8bc3a5d0052ac33af41eae333fc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
84552
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19723
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
106208
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=4336407996605904&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_mid1%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=9&adks=315828405&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26pwtsid%3D136697d02b0ffa9b%26pwtbst%3D1%26pwtecp%3D0.12%26pwtpid%3Dconsumable%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D300x600%26pwtplt%3Ddisplay%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659150&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=1040&adys=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=4&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e0826ce44b9630c7fb715cf7f333d615b0d1407e088c6db2c9ec8c5ec7b69ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
84552
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19984
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
106208
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=2174914103132222&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_mid4%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=10&adks=2316187191&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26pwtsid%3D1412699755aa4a66%26pwtbst%3D1%26pwtecp%3D0.01%26pwtpid%3Dix%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D300x250%26pwtplt%3Ddisplay%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659170&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=1040&adys=3083&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=516&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0db1445b4d8edbcfee6abb667462954bd263c93ace94daa57ea5af2c751b0e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
84552
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19906
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
106208
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=598364890355957&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_mid4%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&adks=983436420&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26pwtsid%3D15103ead5a4ff1d%26pwtbst%3D1%26pwtecp%3D0.08%26pwtpid%3Dix%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D300x250%26pwtplt%3Ddisplay&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659191&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=1040&adys=3603&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=516&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92411bb6cf7a2487b53b53a202a740f50ce44b1fb5aec4640969a28bbc36b091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
84552
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19941
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
106208
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krem.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=99317624349440&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_mid5%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=12&adks=4091415716&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26pwtsid%3D153ecc2b0c436c61%26pwtbst%3D1%26pwtecp%3D0.12%26pwtpid%3Dconsumable%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D300x600%26pwtplt%3Ddisplay&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659220&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=1040&adys=4136&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=360x310&msz=360x310&fws=516&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83ccf955657d58ec18d8178ea04258f7eb133784dd4fa66bfaf0e5a20951c0bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
84552
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19838
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
106208
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3091401030922614&correlator=2007393681879981&eid=31068458%2C31069443%2C44768258%2C31068883%2C44752585&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=32805352%2Cwa-spokane-KREM-B3354_DesktopTablet%2Cfront_leaderboard_btf%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=13&adks=90128309&sfv=1-0-38&fsapi=false&prev_scp=refresh%3DFalse%261plus-x%3D2r%252C33%252C1q%252C22%252C1r%252C34%252Ca%252C2t%252C1t%252C2u%252C1u%252C1c%252C3i%252C30%252C31%252C3r%252C32%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26pwtsid%3D15542f9ce2a62f01%26pwtbst%3D1%26pwtecp%3D0.12%26pwtpid%3Dconsumable%26pwtpubid%3D160138%26pwtprofid%3D3953%26pwtverid%3D7%26pwtsz%3D728x90%26pwtplt%3Ddisplay&eri=1&cust_params=video_included%3DFalse%26ttid%3D%26pgtype%3Dindex%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.krem.com%252F&ppid=ae8e460c-8bff-4416-9d55-a67bfab48a7b&sc=1&cookie=ID%3D843597edcd88eea1%3AT%3D1663018651%3AS%3DALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q&gpic=UID%3D00000969e70febff%3AT%3D1663018651%3ART%3D1663018651%3AS%3DALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ&abxe=1&dt=1663018659254&lmt=1663018659&dlt=1663018649016&idt=1499&adxs=436&adys=4493&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.krem.com%2F&frm=20&vis=1&psz=1140x150&msz=788x150&fws=4&ohw=1600&psts=AEC3cPJk_Yo7w5tP5PwyD7FmvhNy0xFa29YaZUA4MsGS600QXLR_ouINxwQzWIKq_x0-MymCqa-erW-UCrYOu7q1bTyXQI7AnRYN2bObw0ix1Q%2CAEC3cPKbFm5AOnf2RT1XozKC91dypkpcjTMs0o6ZR2qIHVzHzB57AoXy9XDaD_e7FiGiu5UhysFGxqBpxDiMayxWkKfQJodpdkOfCTpCogI%2CAEC3cPJUVy7R4JdAfupfpPtsmHXiYY65QlZS4rOdUCfHJ0yGdBfmjnO_S7UnBrEDH6ZA_hrQk7WlM6Y3gIBaKwv9FzTuzkXk8wC-8kfjJXY%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1086046727.1663018650&ga_sid=1663018651&ga_hid=348046418&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbcbf5f2acc0127b002a13f8a0473ee849a9a2a92aa38697f3c967f707f42a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 302E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA86 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 302E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:26:19 GMT
css
fonts.googleapis.com/ Frame 302E 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 21:04:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:39 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 302E 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 302E 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 302E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 302E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5FyY7m6CxA4cMogI9UU6fSPTaYjXXjJkgbX-JkJZjSLrqmyPm-LGMwtFfkOcilzYEfKC4mvRW7EgsqAqCB9pk0TRQxQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 302E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:52:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame AA86 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:26:19 GMT
css
fonts.googleapis.com/ Frame AA86 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 20:32:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:39 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame AA86 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame AA86 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame AA86 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame AA86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPa6b-N00O35BXp5g6ayaEX4vWLAtQYksLwL1YDWVlEscdR9jFBovA8Zeh5E663f74e-aPBh9W9oJtxDdtJ1CwFaUpOA
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AA86 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:52:32 GMT
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6555 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 6555 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:26:19 GMT
css
fonts.googleapis.com/ Frame 6555 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 20:58:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:39 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 6555 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 6555 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 6555 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 6555 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQY8qdfLhXcRVmBUvi7GxgduSyFt3gkfF8TvIm6lQm-uUolW8eIurMKW70enVVpmU7v9DA2xohIsm5y3vcMw0PW0QvJCg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6555 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:52:32 GMT
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C23 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 554E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9121 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 302E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7zadeaj&c=8513863176125&slotId=4256931588062.5&qqid=CNbtu6ObkPoCFZNGhwodADoBug&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 302E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:32:04 GMT
x-content-type-options
nosniff
age
439535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 302E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 302E 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CSIi3o6YfY5aQCZONnQSA9ITQC56hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMByAMCqgSIAk_QUshDfXXa331Ozkpj0Cy75Cfs2Dguv-kOblmJWULqQerveeb07HihWsUF1VytUBLDz76o8tGlpbzBKpVB8U4lHr8EiU6yEkTkHXvnQltbDxaMP9svGvtkOomUjmIUbgBLfQkmgNve6zsWdI5SzUH8sNb7oTnxWV4eGu7j-E4BRNw7hETcCD6U7l63Zm-Rii3OUJr4v5n0X11khEuv5Xvb5Z7pUScU_Y74rvB15-XDX9todNpcKhN559qsQXPmJNYMcpXg3jlSnFkmSWToiNi4kxpPLW96u5iOvcpMF9eY4iDcr5-gV98R-8K4O1B6bJ44dQOHW1qzaQw-m3SaaOSU02lxlmbMkuAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1663018659786&ai=CSIi3o6YfY5aQCZONnQSA9ITQC56hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMByAMCqgSIAk_QUshDfXXa331Ozkpj0Cy75Cfs2Dguv-kOblmJWULqQerveeb07HihWsUF1VytUBLDz76o8tGlpbzBKpVB8U4lHr8EiU6yEkTkHXvnQltbDxaMP9svGvtkOomUjmIUbgBLfQkmgNve6zsWdI5SzUH8sNb7oTnxWV4eGu7j-E4BRNw7hETcCD6U7l63Zm-Rii3OUJr4v5n0X11khEuv5Xvb5Z7pUScU_Y74rvB15-XDX9todNpcKhN559qsQXPmJNYMcpXg3jlSnFkmSWToiNi4kxpPLW96u5iOvcpMF9eY4iDcr5-gV98R-8K4O1B6bJ44dQOHW1qzaQw-m3SaaOSU02lxlmbMkuAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 302E 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CJkpoO29rRbYhrzl61mwgKKJKnAkDX4U99-W_GtkG_U152F-jFJ7_2sU15xfe_r_UqwIbTDm68-OySRQwrA0pTuvP6xw&dbm_d=AKAmf-DNgzRUs6dfVo6lii1AawWs3jti3YJiswG9RgLRVvERsAhQ8RZVqCo_Je_5BlD1BWkFPfS7b1_ockzf24_hdtKTfu__0HK5KccA2x4rneDbDsuVxsBTiaMblWY5r4ii3dEqu65--iI9GcjSSSqL3HmH-vJapHRW6lJGLLDPW6Ovi-m4AZZssvA0OrEL_BtcqWVQF22OlhfrnaQqS6Vk8vH-_DK_z7atVWFIpJzOkUz3oLa2nqnxIbUgTf9WdCWR6y-bFjyfKwkuYDTKJWgV_o052kinMUKSm2GtOEvBqHKPtBxvoNshk9amvazM03yzGurd4340IIFMZGaOb5BuBMd1FJL9jaoqU5uH0Z7yk_0llZLPurOrNjl3Poa0F8Ww04nsZZe9RKQKFrBhfvT3Aeij1tX2MFqoKmgAAJsPOa-_P7i_V7yRf-hHbWK1WRM1mEswuhFjVKOzAIr1GyI9PzlNhTzfzq2GaY4FOxQ9dc6VCBg0GZTf8_VgsCS0HdPmyyqVtw52zhaeiUX6eHtO0tIrha3znxaN72tB1fL2hsSKUoNXbx6K_Z_l6gJxaAvlNMlgEwje5wBJR_ad8nf_HCFIVOqJwSM88yYylHao26E5Es0WegBLnImWkHDeICMyjzGcTcPiAL-cX475OvMTow2bFuj_-EW_rDDjuvBzkat62MGaYIJNtWLuWimGWqebqjX0RvUcC3gkKwbiIAhQxvZMLXFF5g3H2mX00llLzlTRE6RiQ3cJMHaF9L-JkA6Y80YFqDS79kCes0xC_3h2tmu7R8Zbm-f0VSoo4zvpqW6yIIeY5pH2HOw2QOVvrossyYCf_U3WGSL_3OcAsQ3RIFLvQqqN2b4X-IeBsWCLELo3BWFSDbqxPZhF-PDXl_qObi8HP6lbHSSiU4UnV4S63-ezQY1yOKS5ducBwKmUY4V9yKwwtqJITrSirkG_JuSsATbws9mT2ujEz4ChEzgWNQ0GOxrC9_v1nj6xo4tbBZR4f5iMn6A3WRHsqGfq2UrfROWC5nvz44gz02e4ElfJ_bGvBqp54_b_xb8fvRSzdBrIR7m_rdpHLa0JxLfkjfQWNI5eLd2lQX1yTWL0Mu2WjdiYbgoRCPMIHC-OvXME2dv_RCeQsvWBPB7TXcI34cIEZU4_AbpwnrqszxYbqtoFvgCWexFKrQigwe0WmeobuNzsYbzbng71Wpu0IYtp-PwOOO4HgRE4tYUmMfhE7DMZPIhlx99M7EGbCm8F_cL81db3gmwrQ7JPxl_uRpOAkH9GSLZlYSkOVEFhJiEV52MnmyHNaxCczAzmiX39LExiQ5ae9_pPjp7l9Bj39FZ-hBP1BOSeWiD4oZ7dmV2mGBLZOMvNf4Vr6hGdp0DCxvSvenSxCr-YoDJPxr-vEMmV72Eh4svMoTZnyVuSSeXRgD09Zx4QotiA_wFR0k4bA1zll8iq6fNE1GI3b6NjDBNvoyBGBN0Oy8Dlv7oqBQtRkujgq52vCbFFtwBlxPxZO62JIDjcf3-Tjmb-qVbIRtpyuBaZdpGvcbolVqm1LgWlmKnlyCNVAvT1YiaPOOt0U9bgtU4d_uuEt8EUCqWsGyFhhZTV1hLrWLVqcKbrXdsgJVeP-TstGxFvi9xHPh7qVurdyMqYmz2ySvArLfLQrbBZuYYRqCKDkVRJQQjwJEy9e6xEexprVE-eSLNRwfsZZDRDgEDUyXBJ8zUg1AHlXyM3XAUJrd2CUF3jP3mG_Y0-FkXL8_IPDO1B4HDeMv9G5bNouJDfzeFCRKmg85BQCEC_0OrHXMbLb0F-QIkO4Fm5Jyu0BdSwixPQNUKEeCQ5h09_lCj-R5amfStacBgQ15QuMdbA4x6XaiwJaF2mCsSSEx9K0bgTSdLE-W7ApVSqlqQmPoZRANeS_3ZTi3MEhvy9jz2n6C8FXg1MWsm96Rf1PFJ9GsvSxmjygcbXXCev70YKEHUGKTUlPKeiwnDd8GfGFz_NRSAUI_p-M0rfgQnQb3RW50YAyqafAxKATo09Qk2VVIjTAXzhGCmU4p5LlgDrLJa1SXtduLxJtfgIdKC4kdhRDmtTKeBcNgc5etBQvmanXdyyq_pNDu4FUWS1sQm0dchnibq_i4n9dxrAc8abUPIVHqWWvXiXzLGg5sq84Ql9LxErWW9xvrOJtWKjSSFFmLSJeoZi0Uel8ceUTLqhilgqYZY5bF6wXAw7_OxeFEdAZCqmD-u28fy45zs60YECIQ8-TcoOPUkbE1Rq6NarmjFd82HEB8gygQQ_K3GO8b4OVHYO2LH3zs5HedyOiI_A_sLlEco98aNd8xk5UjDrtl2eOT7AF8EY7jhDOJvFo4x4dLzidCQpiGGU-x38Yh7ux5JlG3zbx19IwTn_rYCCiRnAWseQI9_OxwjZvZsnwCn8UIvfFPg4bdVFrnu2KsFkP0zhXMS85FTc_gM7wQYEBgRCN-wAgtf4p4CHeNdPbYFRQWVq_U_6ZXO0uWm70nMZNcYTj6otzVTSCdIwjouAuUvNp6TG1xxLTGlFe6vGtav7m6ZPMtKLWKSaL4bu06GCPo086z8tcm6b5RW_GmxfsvUB2kFqESLD-vj26P97K5fzd4mPeCeWVLXikxIdON97jvY8ZUPGaDjdSYOO2RH7oSfR98pFUoHipApzkVzbGWm8QKmXui6pKngKSz_BeMsy6e2NP6LQahCWsNgrAhId5ZEipMsUxq4MLnjD-r1D5nFYYn_P1FWwjDhwiJXrDEqtgj-bHNhdJG-POB-ui32HWXNRg59-0AHuM0n9tItnN48l26bHh3RtiY9EI1Cy5GVtJgVU0CQV6cM_OZ23ReVgREV50R9yAsQtMjcUfAZSQaiPESeupmXwdEtkeBOaojHOy1btgidWCTVJlcsiv6uYKlmesIbaFGsKSGBzRwUaxe422TgXX3hXu-CLV20uOQv8LxuPM08mHqmT6MKm1xLEoxCuTLeFHrEu4fieUeJew0lo90xTGH41DIa3BPNIKIqX4kM6jorCpizNshr6HY4ZWJ3tOV3bF8M8wxhkldejfcIQ4L_zxdpcNosY1cjJ2f_Z0eh0oqVY8ELcb-MoUyoqorM8thwH1Xyh4YS5h81DAoTGHLXa2hFSF72h-P87EP1wWQ8XhwJquYlN&cid=CAASEuRoR7ZKJcZ5ZBA5GWIA0lloTQ&pr=13%3AYx-mowAAAADhmCn9hWJVpg30RW2exwVyCjAWYw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ad0fb1c28b23d11ad0c18aa75022fefc84b22219cc92a1257de4776cf0f8a890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16393
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 302E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cexmxo6YfY5aQCZONnQSA9ITQC56hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMBqgSFAk_QUshDfXXa331Ozkpj0Cy75Cfs2Dguv-kOblmJWULqQerveeb07HihWsUF1VytUBLDz76o8tGlpbzBKpVB8U4lHr8EiU6yEkTkHXvnQltbDxaMP9svGvtkOomUjmIUbgBLfQkmgNve6zsWdI5SzUH8sNb7oTnxWV4eGu7j-E4BRNw7hETcCD6U7l63Zm-Rii3OUJr4v5n0X11khEuv5Xvb5Z7pUScU_Y74rvB15-XDX9todNpcKhN559qsQXPmJNYMcpXg3jlSnFkmSWToiNi4kxpPLW96u5iOvcpMF9fa4AFOfxYyPWeDhhtaQo2wVIky8QqpQ598k3XjW8iERPxGf-MbLuAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM2ODY5ODE0MDc4Mzk2NDIYyPoa&sigh=BzBmsiexOws&uach_m=[UACH]&cid=CAQSPACsnQUxC_sdnN83X8HhoAJyIb6mlJ-lLR_6ZpU3qI64Xzmd367RZwNVTntZ4tOfomuhY3Mv-xObg7UjjRgB&vt=10
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B3D2 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13936
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame AA86 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7zadear&c=7290698633559&slotId=3645349316779.5&qqid=CLWtuqObkPoCFUR5hwod3nYAjA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AA86 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:32:04 GMT
x-content-type-options
nosniff
age
439535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AA86 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA86 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CAVxqo6YfY_XPB8TynQTe7YHgCJ6hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMByAMCqgSIAk_QnM4cHihL4U2zRWbbs2jHN_Fnoi7IE7lYlthYFLqJbCYpw3EfPUSTNjtfaMNn1I_CaFAO4bq5cF14r6obttE6auBWBEpot3Cox9yG2pD1U5Ep1SOiK4SDOloDwFXMHYapeLJ6G25RoiBNg9jJtQdu6yAtpLV_FnFwHuc4thPVyWJzFoCENExpm2MaFZ9PJ4PgFHEBi4OvRHXcadbuooSARsQDdHeUSFdZmUY_ffGY8QU1LsN5qyEENZmJ_8UwXppYBpgS9Jyb7d_DEf0p87pv9wqBeQ74kWWRTfDgYg6Rwv77LclAJIjyI66-orl7_y-vKyW13OaN23XiNyP1DQYKAsco4-wEweAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1663018659814&ai=CAVxqo6YfY_XPB8TynQTe7YHgCJ6hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMByAMCqgSIAk_QnM4cHihL4U2zRWbbs2jHN_Fnoi7IE7lYlthYFLqJbCYpw3EfPUSTNjtfaMNn1I_CaFAO4bq5cF14r6obttE6auBWBEpot3Cox9yG2pD1U5Ep1SOiK4SDOloDwFXMHYapeLJ6G25RoiBNg9jJtQdu6yAtpLV_FnFwHuc4thPVyWJzFoCENExpm2MaFZ9PJ4PgFHEBi4OvRHXcadbuooSARsQDdHeUSFdZmUY_ffGY8QU1LsN5qyEENZmJ_8UwXppYBpgS9Jyb7d_DEf0p87pv9wqBeQ74kWWRTfDgYg6Rwv77LclAJIjyI66-orl7_y-vKyW13OaN23XiNyP1DQYKAsco4-wEweAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame AA86 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AIknnwmw9BofDUo5XOAN5FQY2aERwbcWIduC1SQZxWWOkQE9J49WAVkb2hWWKBhe9LVHgMjA1zezPcSKsI28erPV4Ktg&dbm_d=AKAmf-A0-oghZnNAoStjLExILHh3kVSwVZeFC8Mtsf7MDRK2zo8KS2Y-diMK_z9RzZmUJWUJkJn3v_OKB-bktjxIVCnKlUVBuXy_J7Ig_eBEbrG7w2V1QlQ4HxFw5BsIfp__gn4HlneYXeMo-hqleSCI0mclWNT_xBGUU2Rof3ov19twgXEAfuVSkdxg56PlnsO2KdxJZefyv4GcruxOvN6VirpNCnN9cUDyDdyF-UZWBewS6-73SZlJKGaKejMIhMvZ0c6J8pZJ8VTqKtp3SKAcAqBh_8HgV9bbfhKUMEYtvJB-Q1M_pVBCW_aaGF3DaDPhUkyrxB2i_-4lyOziPKqwjtEU67aen68fQEDEluFogBMz9ARF1X5-PMBUYemPXBqNngrdaRNsfJAHeGBkAstI5Z35bXBUlzKyJy8XmujKHUAiOj9joAnVpxWnvlRf9Qhetk4XB2u2e-YR8JVRGfqsPyiTILBs9mrlX1ddV_UvHU0DILiCv6TWls7KARIAKf-qErfjOGHA2mpMsLwI3XAX-Lzp-qMqlbd6IsXM6W0LkdMeCrpmWVg1yOKqcM5EKBhdsnn02cPCb6DwHB0_t_OjWaFtmrAyoi_9i9-U5w1PhaJhdhkV1_ndCf22gE0n6BZXniy6zQQ8dZkD-uzyOBBy54Tk8CsTbcLmhDvIx408oBlIL2DXM46i0ZTyFas7eHg-SyVxxS90HTr3zoHg_4LqoSAI5jbZU8W5ap5AXW-mkgX0UiXycUc2W4kI_r-kGbZGFtTVJ9QchoL3YkNqOf7t9xUP3rNmewN65I7hdxOYMDateQgr6p3FvEBt-9lUb2t-LOH2hDf5Wo71v0tyhIhPE-uuTigPKNEIQJwoqRDZWwlzDXXpAqo2-V4w67_IloFqV92CIsGM7hNUn7jOBsDfzNJBoBIwT16dhAx01--H_og_-JdeOCv7GscQcMwSJX0cl602vBdlZHhB_zvXasydXx6wmbFewjjL92J8zXUAVPxA7Dd7l0oTnqxN-8lkPiJjzuPOf5WxMsEolWXC4fUNydiB1OwfvfimYk_YDbtpZy9pweo3yEDoDwDm5RYWgLXwsFPbbwQ23Gt-9hVT1ek9tAvKrjFbVT0p49YZZndD0N98p81tIiTMHm_W97jdSaq03e_X-6H_c5xgWvBjbvgB_9-lfHhZyAK3TPaVaKyI24tcESkpLXSILrJg-7BnB2bnknWwMBXw2wQM6nDAXq-2fVbbYxhJSkEeshPE6n-2VhcrUmTPTv-X5W87hW578r7K-xMh0_FqtlQfErroIuYqNCAG3aO1ya2__STRC1nRfPUxTisARzwHhzKEmMR420Cqo9Ohsd-ovo1NP_UQn0WnRPQ_O4TwSKx5YVLz3CIsjvN2_f1he7fmzARqJ09f0trHcljkYwN7mRiOibwtO6hNqbRp_B_jISJiH41LacrtmVPYbVHGMrH_mPt8pcVoLJdjPs9ElDm1QHBPZ0gynNgmERcjfg2qJTM0LDEaF7mO-72iLcKDZkJMiZR_oij--JxxNwGms3WxTtNt4txyDAG-HIfm08WTwJRLR4A16PDpoJbf9zGMLZ1MssbiNdR2XV3QIGPSDCDCTGqGfQOWZgXcjliOw-TdBxJ4hK6mCGAWM19YaOhzOPjl78osmzEgUNwHs9jqvTdkQ7YbMf6_ZIGIUKlOAgboqy2rDNVYvHyuBnF3DCdrr_uQaYU2UtWx2zb-e5m2FdpxwLTDp0oJnPVTUnE64Csty5asl38lsisFD5mv0n2XpLpEJe0SilrE6GqT-PO39qCbYLIir-cxE5ayGRso3KKIRZOaPYIj-KIhThpBxO8tm1m8o0HuobY0p_Dis2kJewAMEpSpz9MtErVV2sBvasAshNPuLi2ShXUDzIZgaAtPXb7wnqS0bWqVDBnZzugkko5kLNKEq0IIPoPvVAhTc97eef39FmzKwM0Ie3In_4_sMBuqDwpeuKVsHNoGmSGREjt968woAiXRCBx8KECegZxzBmZFSmSt518uhCJKtbHPsO4_5vs9254qxoVMpzV-aFX_jeVgT3MiwZRcw8P_NYumjERwirz63HO4JQmaMQXf_nnXex2IIvg3robFYn7BR03EkDdVS8PhxC3zc6q99Gkfyzu9AWaKIc9xqDZWhPfjbQG--JcMQeGoEM9DNoXV6AR7XqJKguKKlPXsMNmD4aPtuB7ZkPWaHGV4K-jRY1Xv8iNFcZUmJTMYCQnx2pcaBz0pbwVcpBOPA6YSIlK2qbKknO1TaYWxGGsKVYxVom4yNH0Kdp9BgTbXVd-BSSWB2udKzYDGvuoZ8g5gsMfyf6yO5ke0-J0BPW7TD2_TbxN-Ur81h0i6NCQETD0qkqjIKHJ3e17pyYlMxqUZg079pV_d8Zv7YlBFuUH_7CjHI8aKki3GguZEJ-S3X2rK_J9f5FtAyKvS_zyzB_fuBytkV8CH0z1ceU4ZrEm5GMimzimIIWR13vYJqx6RVRHW8DCAEZLO-um8kt5uyjXZWZIZTDCorLFGOFy4FLWoDEtq6KPjBCYY8A6jzcd646rW8Q0kwu6py38vxFR8ae7VxywlrgNYhvYlDyGtTAyBhdoBjg5f6sNk5YttNVuTGIsYICtRKPrIZ3m91BiHbe4RIEjIChbbq8FXKcKasdJiqVlD7zaukEcJhXWcyfjZWP9vZtoj9eKDbmofXLufe_DltEZSbWhob7LnWCc5wyTvnpqzBsI9fWSb-2pLGcHyng1RzUPOVL-iIxPwAPgZBWlpiI3I2Aa-Kingce6323j27b4-3-GzKnYUp2QGn9fKzPmd_xyIBlasOKG7K8iwy4CRkbTxijEUjXjFM6GuqjGaeiBmz7FvemdUrh_i1itFNgnEGC58wAUJ5c0jgJ2ptv8OBOko42MTfpesG8KRziMWRfXCms4oAxrlD3wa57K8eN2v2C2Fjj3RhLGr7-BYP_3XQKcpO36aoLIMxQo1t-bo8cE_3RQReLylR8AsG5RTafZgdovJH4MNaoa1gEiLg3lZdVxX3JBgA_pMiUC__W3xr4J1yaWMSyIyudNA-ohLGHN2ueoIPZy1yqBAkpjaGG_inV1IP1FGEujrNl8VdG7qmlTAPe8rgEXwd1-5G2vQuKLIbKgOao15CQ0zmJ4Q1GE3bVqXDRgiQw&cid=CAASEuRoRuLcQKf0QRTmxJUxUcR2OQ&pr=13%3AYx-mowAAAAAat2iQOdUd3Sf6pmLMg3qloAMRAg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
847e901895ecfdfd06cac35221d75fe3685aa322f3620a35af16c88537812dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16376
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AA86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqnPho6YfY_XPB8TynQTe7YHgCJ6hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMBqgSFAk_QnM4cHihL4U2zRWbbs2jHN_Fnoi7IE7lYlthYFLqJbCYpw3EfPUSTNjtfaMNn1I_CaFAO4bq5cF14r6obttE6auBWBEpot3Cox9yG2pD1U5Ep1SOiK4SDOloDwFXMHYapeLJ6G25RoiBNg9jJtQdu6yAtpLV_FnFwHuc4thPVyWJzFoCENExpm2MaFZ9PJ4PgFHEBi4OvRHXcadbuooSARsQDdHeUSFdZmUY_ffGY8QU1LsN5qyEENZmJ_8UwXppYBpgS9Jyb7d_DEf0p87pv9wqBeQ74kWWRTfDgYg7TwN9p_UDSTjBgXndc22SxxzilryybxCNCIQw_95_rIR7Yrk1CW-AEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM2ODY5ODE0MDc4Mzk2NDIYyPoa&sigh=It4hn2lZ4EM&uach_m=[UACH]&cid=CAQSPACsnQUxyyyp67Sh254aAMGZnO0or7gwrGXLKXhPceA1nQFLi9d_MkbzYT2uFva9DmL0o84iv_eAOqIcgBgB&vt=10
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4986 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13936
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 302E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f058db621ce232a79fb505060c5292f679acf50885ae1fd2dddc19c0c1bcfd4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AA86 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bfa6188735c1e0ef795f5ec5020e6d6fca4a04ea1bcf0c553206997149130ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 2C23 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:26:19 GMT
css
fonts.googleapis.com/ Frame 2C23 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 20:59:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:39 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 2C23 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 2C23 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2C23 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2C23 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:52:32 GMT
container.html
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 874E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:31 GMT
expires
Tue, 12 Sep 2023 21:37:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 6555 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7zadefb&c=516439249001&slotId=258219624500.5&qqid=CKHtwqObkPoCFeeHgwgdLHMM-A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6555 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:32:04 GMT
x-content-type-options
nosniff
age
439535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6555 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6555 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CpcqQo6YfY-GPEOePjvQPrOaxwA-eoaGuXKH56P6fA8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNjg2OTgxNDA3ODM5NjQyoAGnypCnA8gBBeACAKgDAcgDAqoEiAJP0BKYkLi2W9gsMcKyTJZzwTSLRsJA_LQxNkoJH76uH0RuDycA-bXTn7LwVPwbWXXjjUVKdqneY--beg_tGQGkzsDXQb9BcaAkYZfBeLnUn1NpeDmw4BOF1HufAX9-yXq3YD8Tk3mAVIy8idRLCxJo-yBXP8OBAIoo_V9IcIVCHKG_oKd7LLEf6f4yBdak-PW3zx3PlV19LL5RfjxsgM0Qzqf6u3GACutgPVeTO3n22mYHoVp6on2jhtLe5cbC1jMmOZ-3hxyMySNv9GFHFWlhEIeFQ0HTlZjIRJeqVh5nx5A0bZgiAJNb2y07E3smXbxrkXBNotJtFE9GbcNxd24LpdhFn8V__p3gBAGABrfM9O6Ws-6J7QGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1663018659917&ai=CpcqQo6YfY-GPEOePjvQPrOaxwA-eoaGuXKH56P6fA8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNjg2OTgxNDA3ODM5NjQyoAGnypCnA8gBBeACAKgDAcgDAqoEiAJP0BKYkLi2W9gsMcKyTJZzwTSLRsJA_LQxNkoJH76uH0RuDycA-bXTn7LwVPwbWXXjjUVKdqneY--beg_tGQGkzsDXQb9BcaAkYZfBeLnUn1NpeDmw4BOF1HufAX9-yXq3YD8Tk3mAVIy8idRLCxJo-yBXP8OBAIoo_V9IcIVCHKG_oKd7LLEf6f4yBdak-PW3zx3PlV19LL5RfjxsgM0Qzqf6u3GACutgPVeTO3n22mYHoVp6on2jhtLe5cbC1jMmOZ-3hxyMySNv9GFHFWlhEIeFQ0HTlZjIRJeqVh5nx5A0bZgiAJNb2y07E3smXbxrkXBNotJtFE9GbcNxd24LpdhFn8V__p3gBAGABrfM9O6Ws-6J7QGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 6555 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ASpctnb14hCcbipFoD30MiMK_hcRroU_YbzK8sHDpxGj73lWZs8lsPvBMn7chCgeD1iPgWf8XNpoO7FAlSQbJoERjgpw&dbm_d=AKAmf-CevqLwL0AsoG2ORwWIUMYDRyS514Ce-crvQa4yejJAdMrjRoNOUgDXgPJop2Hajht_0FssDmOtazuHqHAH7ml4FBAO44MrIJmOS9G1dzVEob3rqca32Nki0SQVMJaOynsUY2l0quua_XgxtSzdqOWOuSnzaeSycBklG6IOCUqpIYwj8wIHUt5LLDomqHw5CrK1_TBcsk-h7azvjWfJ3EbI5yYdmQIpU7iuvnSPtvEdqY9k2TVpsBde4eJCS5xlZ-t5UQzP83H5Qw7awlyPD042FYAkQVoCs1FMkR4QCjzcFY5SAY--90OB2TTztvNkaYyjoP4rFxf_Vx9CXSwd7NP4FMZWoy5PLGk_zd-HQQlue2e_6RRXo7IPwT05kruB2H8NZEjaCoxAEwXQJrHXKcOOShdADIcyhDsyD54rHxsyLgkAyqXePO-YhkVhsxD5LSXnPczexezHbZo8pAszeNke2YEGoAFLU0lNa3Nr3pHJpbo8enwRvgBJHTjtyD56GBzLuDm-yfzvPLyKEv5aSk0tC59S72xuBT919YpIk-ZBQCicg5Ew1362Tornb9K_tMyPKTlV6tmlkyERzfXI2jg4G7Ko_Nw1nbaSDoMCbJrJCsbFMe1Fk8ZgO2dbpRY6aXId2JJvgIVfTULM4l6jHuwWcJc9S3JoCJkHxhZtIDJh1hHd7euKbtJdzJwO9BOVM3INwuDfzlU85W46GU6xEm-OVizRG2Sd_cUtAAtOVBrue8clILMI569gy1J-1rxCAVwLbxC-z70QbcVZOKDnzV4Cp-j3PKD7CX8_VOSMzyB1YSC43U_NmenCSlIihslPdgLZqDSuSx7Oq61UDX5uNBNiWQqTpcAA_-GuraNKbJpVv_sByCHDSbq2VC-1HppFiyS7_D9jHITA2Jqx_H2UANTG-M0TfOJ3nZw3woftolBw1YKqVNBaa3D3hkasG_Kt5M2B9GB_kQdhS95tSvKyUg5F_uRcGPG6IazGjGBLJxg0lYpvaD6cf1D_OH9uklrC6wS-PI_OU37LTPoP5KbTgDT7A8WJX7mXjpASCw00i7KdH4rXsYFSVcpWOKLUuZ2M3Yqayk1Toy9Zj062CZg5Gl6aWMiYN8uE9duvKh0sixKt9rFIDFqGHrdfFudYCaQceZxftPVyTzPlff1UtlgMig7SHm6QtSVMOR3sGYd0DdHaBouCs-xieK13y67aWR0IVATNwGr78WFkUYKnFoxc43AF7FgU9TA6VqgViHqxZFrM-FP3CJLN-l7il_TOTKbwwDko-EGv83Qr5l8VMjIX02MY-sPk30DjifZx-1-eHVQkf_5OaU01eLwadYqvns62nSCPl1fd1RpPb1PLZZqY1uJdEKgtedm3cfjG7iZQYvhi-ZwAHea9nYZ7k2EhS2O4ZcB_dOS2iTzP1zojkoPvRR-vCeMal6i2RFQcfxFqKF8Pl0xJ1vrR_lY_PYnHbOI-igykvFHMHdMGFcdI-olt5ZZAjJR99yr8O50yx5L6r7o-aaXcQ7JvXjYSPu9oO5jXM__XnptZZJKLUO6SMU_2I3XRcnZKuyiS3ENQTXAeFahVpxUY4w56iUcBdrhaSIVBphN0_xaImiVcOZBwzNTYN6tYdXn62glNnwzQ3kh4mSPSsWXeVT9HBaZVvghUJS-W7J2xTud-oRqIBhJvm8CpKC2MhW8jqjNfY7SdpIR_hJ7c29NEIraT6WfAeXtIxXktrrDWGP6dLZYhi_H5tkR_NhQSb6qzkgMgP2wX3b7_5mUufzJ2UwV0dq25b4ogcJK90uLjUdSgRblbqEmgqY2TNfIjALS9w-xIagjHTzLKpqtw1VmkCND5smEJngO485-sSOy6rwFFt_DRmMKE5a_DOZYH5UfnHiKHlO8a7-JWeNZ_xR3A6zt_UOfdsxXciCT8z3aG0qVdbsOuzy1PVlsWdGGVLLcs9BuDJWIvym0i7POUcj_PU5tjrPYHmMYghu5sb4kfgCjN5AEkADpWKZSC6EQxVYaYIBQa_9mQ1kD6wFtOISx1vv8Xo2Y0v-uCPTTrbBKDWqbKClCR1j5_6pr5yFhZqiCxUwyfeJQxsqHOxgNqgdRHbmKZpXdtXUtR8HvvNG5j1mhOKigOcmclG8O_zRNDsJwXMUeNzq4ceD6px_V5e1leynx_8UTugtXTTveYnC5URhIbw5Rjkdm2kppMXzWS71UxFBZGkbnvCoKUvu6u7rlurDmywwB2uwoAx98RKpRBzAg5Ye9GWZnJlXjWghEgBFKM_ag-pA3ge70bfIqVwYssHieURZyOMEwMUqHpQRlysUtnSgKiVWQPymeKX_EPi7GvdH6-D-gt7KFPIYceK4EEJTrvYFnsAWfrPZO67VQ0zs982khVFaP5JDqtOGAx8WxF7hsvidDKVsyVEBpZZ283zkzVcRVg650KfduPvqZlrN2PQDT7CiyXf_QhfRGLCDAkgC2ZdyK8RvRrEW4pYR4ujesXm0n0Y8z65FYnbmF59OWuuAKc4acFJxeCv8-An-51c7gNo0-yPHsQ_x8EPCNuQL1B_cVmyYvQeZ2gKSvYLqkR7PA_yEKS5nBkYCLU4wvTcjtq2_l3__n91pNXnulCfU61yOXl_WirjPoUM8rpj1cjE3lhTNjUcRadaPnaQqFLsJRdehBOdjjtEumUtn5aZBLamvktD_BuvFiUhyCV7q9yBIXzpsdag_rxLLmJoClhLc6cTMFSs2MjLfHwE38GOXpAddifLew7yUficr-g6qTEEEE0nEGOms3S4XFoIp8n1ehu9zVnWMso4DFOK8eLYXEs_p2hCSBypCj6GuqlRhollDBR2c5eCT05TExRlz2DVqjSO3Q8Wdj1ZwQM_jq3E3S71IxBArmq8PYNly6b8IdZoTDOh7WHlPnnF2p_v5ZTQKn0r2ZGSRkMT9CSwKkKMQnu0SqNi-MgpC0zqkYAHmDd6JMa4oxE7qOlu_kzJfWnN3r2eVrewQhuyTaiD1cTUzjVFbpYAg3G6wyVtpTEKxRnImb9x2bul0P66go9c01Jf6yG6PXe6wKirwGZlmLo2I64CJBrG_sDtk3D-ybArUKDpp8wSlCE8HqkWnrauCeu-_rKAbNdfj2kBHyOgQlHLsHqa14lT6OgsrnK4RMhev15H4lkYnRXnVe5WihJHIsgL15WsiK9TNfse8umBN9npgNmr8GOL-yPDOYjQZfNvwdj3v1uhUOucIn_RfrSrS-vZbCVHhj1Xov5iPA3y8EawCQ&cid=CAASEuRoUyjSPgmrOYw-9TT1lPwqjg&pr=13%3AYx-mowAAAAAPGfljrSl2B7CxCOUOi-JSPOuQWA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c7a1002653530b6b1c892953fac1420baba27e0ee400a9db37479227dcf612e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16487
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6555 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C18Xho6YfY-GPEOePjvQPrOaxwA-eoaGuXKH56P6fA8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNjg2OTgxNDA3ODM5NjQyoAGnypCnA8gBBeACAKgDAaoEhQJP0BKYkLi2W9gsMcKyTJZzwTSLRsJA_LQxNkoJH76uH0RuDycA-bXTn7LwVPwbWXXjjUVKdqneY--beg_tGQGkzsDXQb9BcaAkYZfBeLnUn1NpeDmw4BOF1HufAX9-yXq3YD8Tk3mAVIy8idRLCxJo-yBXP8OBAIoo_V9IcIVCHKG_oKd7LLEf6f4yBdak-PW3zx3PlV19LL5RfjxsgM0Qzqf6u3GACutgPVeTO3n22mYHoVp6on2jhtLe5cbC1jMmOZ-3hxyMySNv9GFHFWlhEIeFQ0HTlZjIRJeqVh5nhZIV_0irkvnjSVDi8QL7l4R8m_REjMqo27U_sAPNaUITd3TP9X3gBAGABrfM9O6Ws-6J7QGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zNjg2OTgxNDA3ODM5NjQyGMj6Gg&sigh=2dGYTWXvdZk&uach_m=[UACH]&cid=CAQSPACsnQUxZXmV5z6RnjYEp0AOag9KKbaad3-KzIcCsTNmw319ChvDdJCV_btueW1A0wJ-4BnyLgMVx8bwORgB&vt=10
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1E13 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13936
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 554E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:26:19 GMT
css
fonts.googleapis.com/ Frame 554E 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 20:10:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:39 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 554E 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 554E 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 554E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 554E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7KW8zH28AihkL3f-ltPoYN1Ei6cNKmwXnUQAF029zRnFxdYRmDcGinfXrjpIwdEX5NgMmGC_d1tVOjFq_jvamw8eo9Q
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 554E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:52:32 GMT
truncated
/ Frame 6555 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d84d438f1cdfa10e1eb81e115ad2799be8f35e8219fb8adfc87eaf89fdcee3f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame DE62 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y84y3wAEwAQ&v=APEucNUQcKnssh0MYKQ9OgZ2Puc05zKzNHCPcJSgvvtQoYXrjvJYo1pRd-kPpUXDW6YEHDHLwpL0_8vgavBHujFSd__y8u-Yww
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 21:37:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9121 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjYvyGyELyJSRO5Rt9jivIWRS-NMAW6k6Wa6EstnfdC1uHm4rT0Knr1v5Tma4Ie2_0UyYCr7qqPcyf2MKlmU1nE6Dtqw&cry=1&dbm_d=AKAmf-CaLyC9wr-niw7QLgc-8TXjpBHHeNA44ksZ38suY3h-ixmTk_pZB7uMMarXJn4bkLlucllcqJPoF4zkXhm6oCTqelYOj-TDoH9KgrLkOuuv3muCcFqkH9gy7Nqas1G2CZ4hKHLQoC7thvaiXRwgw1TKQipRAISPp0DHeRUMQWTO1A7FNqx6fKPnJ5CisB_B-22sxuv4Z_UMYvE-aW_59MknFvvXU5sitNrK58XWFnACi7xmZ4Qa3GlJygRo7Tm3GV1bppZD72JzegDcElRSvXzHdgSQXIkUkYbk-KPcLYXKmaUIj7X0YhgoIdsHjRalic38ODxfb_we2PM9Gc7ATGhpGOmyr4wpyUjO8l0ocU1KxWO0lik1DKa5t9p0QPL2cDI8D_5EBrMxdWg35NbAJtTI2qD4mGXrtcArj3tZrE4tkFiBpzGEWydyloCevDX3aMSaY6HK56Wv1xqVIqbEVshBfqNoj7s_CzecHn8WDaqIe3cMzozhgUFRIerGQmU9VA_xkj12G1n2I7Q2CPv7buDUG86DwJe4UZbgfVtCpIDtIcM3ZQ2cEqxi_17mcXF0Wf_YIZbilol31oQomBU8bp-btiV7Qp-fOGRBcilx38xeGn7o-2fAfZlsn9ZljBRxDnCOqv21UXVQIUMgFDBJadz0WrmZnm-LPqjVMGXoCew4paAD701TkJ9oBjQ02t6RpqiKXvcnQL-zRYLgtSfEwuj2gF5smpDl1cn_iUW2mBRk61bzVg4h4zXfGWjKyjbV80rIvjlCGNc7inUdxdRYF-X78dEAFnrR8G6exs6xa01BPFeTkBw2HigpTHK9WMrDuA2Rja1nDtjfGK5ORtXPOEo9XWYL58VXoOJz67iO13-ZMMUon8AJA5ZrSAclQeHyWAoREgid9-6MJ9u310mhmqD8AskwWkzWneRSLK7VErKuH75_IVI_bO6wESkTvOeb9ne25rOIJ1fhwYnbIOQYkxqilnRXdngkJgr3mhLe8AoDZNNSLWyESNc6FQFGfoorOwXsNHWbLvgD9OH1ybP_bj-5K88QAOLslubKNQcMs-UgzEWpQeXmx8EZw-oOKroupF6OFLhLCwFdgcO2-k-GKqOnJgym-f-xZnzP4WG2Nq2AL7gVTFx2_VxMEfh1Wmnp8lsTZaB7QZIiQZjoncL3O0NV87r6C5dODtq3Anz8rveDID-6vkYkF5t7HHv35oR-5QIWhP0PGRRh5Zb5CwpD_eWdf1hKUKT388uvIso6KH7ssAvUuxqRv6OAXujfiUH_ZK3Qv6rCN6_qkrnLTOTvVVomYc9s93NswGoTogSeKQqJAJmrar_Xnx_cicK6YG86VfUqQsahjR9toFJUxZCcxlKds93x0D092vH6kb_cQK1Zp0YUZMszhhf2IDJCYPKyNYJyoxMPSHLWAhqsgw2a0H1Aov-0_hFtBtnVOME_JRgH91yqHI_OVbtWTvt7HsZMbLS7JMJbI4hO3K6RVE2090YT-YOzAHQ4_xK004WIKDbK0fXPu-IgJ2-q7zer6hIdlYgoAzm78q0l-CHyIpCVeem8l6R5aYs3hLnTWWi1_6-0pb9M6a1bR3nA_lVTDXi-gCFGhjBECP9JmADSWhxEsc9OtCcLRuIOmHvSyl1cRzuBGPY0uG2zQyikNIoVOP-R6k6xTXAUGUxtQjVu3m5pTKap83mi0aeT2bfPWBJ0rR_NHyPYcStpR3kVyxXzwUsXCTNw5EKcmT-JJDHsj1NNhAKngsJ6gdl41UWJSzxtx1RjFxpyh9Asf5GMeRn5nfn9kHNjnH3zKTUOHf-nVDZj1WZDJkvJFhcfQb02OZ8KHXSbxNollhNMQ2a1l0MHV1xXnU4Coav22li12SxOC63oezw-zs42Z2pErhnW1eYSw9rGCWEgtYBfpDaHEW42UUpIFRJGHQ-Hkmj3pJFMvA4PAA3kWZQuBYIXX1apy5m08ND_pk-ZRaM7un47k5RBCfheAhRcFVTECUyUF6MRRrM14Jyr-aPa4jAuCBJL4--cB85l5vdyiBkOgGLGmyKZRn5reMD8fL5ynrAv44r4puf9kzNNXqapsSc0nkjetMRV_ahLjyVMQHcPigvWLabm_A5EkU6gpMGIrvwmkdRxWwqE9RWFmqJ5azSu6xSxUewooDVov8XK_leErLC8djGZBvNZqnO4VIF6f-kRNmhfLehx6nA0hCvw_7leDg5WAWrgebPLf-s3o5lhn6q_kGUGMULaXuaqRVy-Tl74RMO3ZiGVKj9DcjANGTLl7rzhymLqFIllVWWrPR2-yIzQPLVSh1Wt_j_mYTsA1RRexYBc4LfBxwRZqzFw3_XMFmPgrvHv8S2Ne2LWTpt5ht-HjnMrOZ-GgdbtJfZi0DQ6FVeXtOBr9FI2RH6zpQmPHzUjFRD8ghpzbtFI_XSOux66l-401rKlYlYf-6caxB5icV6Sct4DJEIq8mMW5hJ7OVAsL54JSgaY3mwCWCRfk7NxDKpL734UKMU8EBUludPCFcSGnP83pPGyvWJVToXY1ozjE0Bjx5cSPaox0ErBA_WYVkZBuWY41LrY6sSclqtXHK3vsmv9Od3VF1TRf1tH4Mw5kNQCB-i9ZY6akuMspjZZVbFPJIdtXqWYrlAIfhQVHz8gp5FSqO2MLz3G3DBmByiS2cuKVynY2r1EEycaNhGVWqFugADUgK7AiB9sUnUImVcPWjxPrIwEYw1SJROPTlsj3o_kdBRhH3HXig1BZJpUhD5iKXC0ADcbXiKdtR35gXAHN4hdA9ExfDKacTUjgEG_7n02BIEEYqzafAJ2HqPXNvam14nCK8Om5e0cEgGZxGt0FnAZTiTNjMgLOBaLexhYIBjWFMQo2bmTZTNaT1yz86KbF7b_Gj8ZimNwFzG-W0lnB3PNoHuYF0XIQwrOd7JYnNIyd25JI79X8nwRrrXHqfI8pkhA9wmxu9w6GoJ4wDr72JqrnCD82J7ncalYFVLbI4VoB9nhphHY01zxwjExdoVGGw6-BbeLqHYLyCNvBax_zNWT6t6qJxMOJhZEQwJW__hwya2ofTX03yiz7gkO3Gv9lF-_q9j0TpMBWvrKcaYV1OndKgdP6lnKk305lfuytjji0fsQuRtyGg3ID0Bj-Q9ubPdJ6lHCVsM_T5fVBO1jX1q1K4VnPoRL_Q&cid=CAASJeRoZdSAcqxjTo3pqnAeWm0pzkJ11U8MSVpxOHp2L2fk3khA8P0&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15857098a96a58a932231103f7e70f23f14ada491a869792a8c237b99a5055b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34611
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9121 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dm2xkqsBNhGepJpqv44QcNu3Zhjua7ZvcCrfAgmRTjHU9YiC1zDfKZL5AvSuW-nFMp-_yp-6xQs8VtzoxbLAjzYggtYWTt5YL7waV6iqtuZGKlYRo
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9121 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9121 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 21:37:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9121 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 9121 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkCNCXYPXmsgMS0MVF-rd8uYBg_CGW3B9Wmdfzy1i0yX0AfJm_efsCGfy7saP8fAD0ZbJP9VdtfQ4HVTolzFA0hYPTBQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame AA86 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:52:10 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AA86
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2BBF78F5D7266041D7575C84E977110E50674CA8.6A2842D9BEFD6A42C3E284E82A62E8487FD430E4/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
Last-Modified
Mon, 06 Jun 2022 22:29:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 12 Sep 2022 21:37:40 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2BBF78F5D7266041D7575C84E977110E50674CA8.6A2842D9BEFD6A42C3E284E82A62E8487FD430E4/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 302E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:52:10 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 302E
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06602F2DFCF399436B270A36D6CDB0E006D15259.4C5EABF691B51A3D181DE4607DB96DEB8FF6B235/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
Last-Modified
Mon, 06 Jun 2022 22:29:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 12 Sep 2022 21:37:40 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06602F2DFCF399436B270A36D6CDB0E006D15259.4C5EABF691B51A3D181DE4607DB96DEB8FF6B235/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4D437wfgIzTlCue_Elf0gZwA39mjZ6Gl8O-kGzPTmXq1lmhgBOI7k66V9d1tEwEcARHyva6EfxtDbtr4urL...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4D437wfgIzTlCue_Elf0gZwA39mjZ6Gl8O-kGzPTmXq1lmhgBOI7k66V9d1tEwEcARHyva6EfxtDbtr4urL1zLeehWw...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4D437wfgIzTlCue_Elf0gZwA39mjZ6Gl8O-kGzPTmXq1lmhgBOI7k66V9d1tEwEcARHyva6EfxtDbtr4urL1zLeehWwXxLQnw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
MT3 4505 5b23575 master iad-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4D437wfgIzTlCue_Elf0gZwA39mjZ6Gl8O-kGzPTmXq1lmhgBOI7k66V9d1tEwEcARHyva6EfxtDbtr4urL1zLeehWwXxLQnw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:39 GMT
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq7...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq7...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq72DglcbKKDVIWoR-RGl&google_hm=MDYwMzAwMDJfNjMxZmE...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq72DglcbKKDVIWoR-RGl&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AFOYAWx6ih0bSxe16QwBT4cK2FiB5FBQF7p8D2cbQFsn9x9zHvy-PPyirp0Do5Vl9xVWDVuv5jq72DglcbKKDVIWoR-RGl&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4ARPqB0M4qEToDeMoNCKTC3hk4Lo6WetaLIDbURX0xnAo6h6h1jgyAApx7x4XhpwT_NrDFAu1ryi-...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4ARPqB0M4qEToDeMoNCKTC3hk4Lo6WetaLIDbURX0xnAo6h6h1jgyAApx7x4XhpwT_NrDFAu1ryi-tSHCW2mnAdLU076Rn81Q&google_hm=5c63b8fc-35f1-4969-...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4ARPqB0M4qEToDeMoNCKTC3hk4Lo6WetaLIDbURX0xnAo6h6h1jgyAApx7x4XhpwT_NrDFAu1ryi-tSHCW2mnAdLU076Rn81Q&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4ARPqB0M4qEToDeMoNCKTC3hk4Lo6WetaLIDbURX0xnAo6h6h1jgyAApx7x4XhpwT_NrDFAu1ryi-tSHCW2mnAdLU076Rn81Q&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4BAaGG0l-K-iqmVqDa5V6-CuxwpCeVCfCGVoEzpj0lS1tWTApceOIEcb-DigfRR_XBl7aoEfUipiu26kjGIb...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BAaGG0l-K-iqmVqDa5V6-CuxwpCeVCfCGVoEzpj0lS1tWTApceOIEcb-DigfRR_XBl7aoEfUipiu26kjGIbITkyeai5xqd6A&google_hm=FTkxeLZHR3PtEe5nScqb...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BAaGG0l-K-iqmVqDa5V6-CuxwpCeVCfCGVoEzpj0lS1tWTApceOIEcb-DigfRR_XBl7aoEfUipiu26kjGIbITkyeai5xqd6A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BAaGG0l-K-iqmVqDa5V6-CuxwpCeVCfCGVoEzpj0lS1tWTApceOIEcb-DigfRR_XBl7aoEfUipiu26kjGIbITkyeai5xqd6A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4DUAc6p0xFnporanHstoftL9SVZaBT8T9EJKtkVL9XGQO-N4g7k3odlhboZBxwXU4FQq16zG1b3Q3eq0xCLHv9CwYo_KswbXg
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DUAc6p0xFnporanHstoftL9SVZaBT8T9EJKtkVL9XGQO-N4g7k3odlhboZBxwXU4FQq16zG1b3Q3eq0xCLHv9CwYo_KswbXg&google_hm=ZzVjNDdlNDgyMjIwZj...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DUAc6p0xFnporanHstoftL9SVZaBT8T9EJKtkVL9XGQO-N4g7k3odlhboZBxwXU4FQq16zG1b3Q3eq0xCLHv9CwYo_KswbXg&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DUAc6p0xFnporanHstoftL9SVZaBT8T9EJKtkVL9XGQO-N4g7k3odlhboZBxwXU4FQq16zG1b3Q3eq0xCLHv9CwYo_KswbXg&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIiS_Lim73JJvDJH0upw8KU&google_cver=1&google_push=AehlK4B__8aVodQnRlmdtdARIlrEZm_-4VSNMbd4emeNxgakHwN-5LqHo7le2wy_X84fr9i1U-...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B__8aVodQnRlmdtdARIlrEZm_-4VSNMbd4emeNxgakHwN-5LqHo...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B__8aVodQnRlmdtdARIlrEZm_-4VSNMbd4emeNxgakHwN-5LqHo7le2wy_X84fr9i1U-Lq9AQ_CQsgCJE4lXUtzfoelOcww4I
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B__8aVodQnRlmdtdARIlrEZm_-4VSNMbd4emeNxgakHwN-5LqHo7le2wy_X84fr9i1U-Lq9AQ_CQsgCJE4lXUtzfoelOcww4I
date
Mon, 12 Sep 2022 21:37:40 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B3D2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4Daox083TVyECVRntjfWr09n8Q_xSBbE8VcAUrOjcN_68OZTVsh38gNtaYUSxEjzf8EHSy5PZ1oMKQRIoH...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Daox083TVyECVRntjfWr09n8Q_xSBbE8VcAUrOjcN_68OZTVsh38gNtaYUSxEjzf8EHSy5PZ1oMKQRIoHTMkjRlYkBZ...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Daox083TVyECVRntjfWr09n8Q_xSBbE8VcAUrOjcN_68OZTVsh38gNtaYUSxEjzf8EHSy5PZ1oMKQRIoHTMkjRlYkBZHI3yM0
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Daox083TVyECVRntjfWr09n8Q_xSBbE8VcAUrOjcN_68OZTVsh38gNtaYUSxEjzf8EHSy5PZ1oMKQRIoHTMkjRlYkBZHI3yM0
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B3D2 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K28gJnadOw9FZQ5n4R80zjsE5gdIv3gDLEI_adZauguquUk5Z2fF2x0xUiiBXcatG2pEnjhFI
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 874E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
681
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
15013890920676311251
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:26:19 GMT
css
fonts.googleapis.com/ Frame 874E 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 21:04:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 12 Sep 2022 21:37:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Sep 2022 21:37:40 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 874E 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 874E 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 17:45:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 874E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:32:28 GMT
l
www.google.com/ads/measurement/ Frame 874E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT03cXQPNvyfOLIdRaEEbhyiEDhuh68-gdG2_7PoTWK_TlXH5oNhM-B6xIz3cF17QYJS4b6WuDyCeq4AsXH1QS3fSPwQg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 874E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 16:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Sep 2023 16:52:32 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 6555 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:52:10 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6555
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51539FA3EE14AC31E742E1D5083A91C464C78278.25EA88271658D261AFBCD79D9E6A94EABA8444ED/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2128698
client-protocol
quic
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Mon, 12 Sep 2022 21:37:40 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51539FA3EE14AC31E742E1D5083A91C464C78278.25EA88271658D261AFBCD79D9E6A94EABA8444ED/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4Db0ArR2VU6_6QvzBl-1ef0Cm9bLeqqGduSfdvyyQj6n-sx4QZgu0ICZWlg79eBV5F0JSK89zlqAVr0SCJe...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4Db0ArR2VU6_6QvzBl-1ef0Cm9bLeqqGduSfdvyyQj6n-sx4QZgu0ICZWlg79eBV5F0JSK89zlqAVr0SCJexbJ1vbSZeV8
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4Db0ArR2VU6_6QvzBl-1ef0Cm9bLeqqGduSfdvyyQj6n-sx4QZgu0ICZWlg79eBV5F0JSK89zlqAVr0SCJexbJ1vbSZeV8
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
MT3 4505 5b23575 master iad-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4Db0ArR2VU6_6QvzBl-1ef0Cm9bLeqqGduSfdvyyQj6n-sx4QZgu0ICZWlg79eBV5F0JSK89zlqAVr0SCJexbJ1vbSZeV8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:39 GMT
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4DLX6dSLl4IaVMlno_3LLhbuY4jhNsTcgmF76yaEFsswtjvNv8VsDmheGIEf9kGklGMh_I4rBpnCE-CDyPGw65CoaYk-p0
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4DLX6dSLl4IaVMlno_3LLhbuY4jhNsTcgmF76yaEFsswtjvNv8VsDmheGIEf9kGklGMh_I4rBpnCE-CDyP...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4DLX6dSLl4IaVMlno_3LLhbuY4jhNsTcgmF76yaEFsswtjvNv8VsDmheGIEf9kGklGMh_I4rBpnCE-CDyPGw65CoaYk-p0
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4DLX6dSLl4IaVMlno_3LLhbuY4jhNsTcgmF76yaEFsswtjvNv8VsDmheGIEf9kGklGMh_I4rBpnCE-CDyPGw65CoaYk-p0
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:40 GMT
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5RW2sQJqQx5RAqRtrg&google_hm=MDYwMzAwMDJfNjMxZmE2...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5RW2sQJqQx5RAqRtrg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4BSICDr5IZ-7gGm48STPnNxgC4jg3ZI0AEsSrO7OZAKRZeIpdnanV1groe5ABvjEtL2PMy8FkQfE5RW2sQJqQx5RAqRtrg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CHLzp3FnGFtd8EykU2tMwEEdovPappOcv37yZAdhtfV_Lg5hrxf0mWjp6565MnGo7L0CVqgHnpWinX2Wcq1wo6t5OaNQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CHLzp3FnGFtd8EykU2tMwEEdovPappOcv37yZAdhtfV_Lg5hrxf0mWjp6565MnGo7L0CVqgHnpWinX2Wcq1wo6t5OaNQ
date
Mon, 12 Sep 2022 21:37:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4DunoglvaaI56pjN8xB96FHvzXgrNyIAdulQEBpPEOMxukECXOdN-eQcRXCqnixBcwJp_4VjWJuYQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4DunoglvaaI56pjN8xB96FHvzXgrNyIAdulQEBpPEOMxukECXOdN-eQcRXCqnixBcwJp_4VjWJuYQNOqEccrPOA3WsRem4&google_hm=5c63b8fc-35f1-4969-a16...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4DunoglvaaI56pjN8xB96FHvzXgrNyIAdulQEBpPEOMxukECXOdN-eQcRXCqnixBcwJp_4VjWJuYQNOqEccrPOA3WsRem4&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4DunoglvaaI56pjN8xB96FHvzXgrNyIAdulQEBpPEOMxukECXOdN-eQcRXCqnixBcwJp_4VjWJuYQNOqEccrPOA3WsRem4&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4AkggyEE8sRes0jEybEiYmyjAHJ8Ym__Sxv5Eu49P-sVqC8pi3WKv-1l7Cg6jh6Wm4XJuEsNt7DhT5Axv40b_BUws_iTOU
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AkggyEE8sRes0jEybEiYmyjAHJ8Ym__Sxv5Eu49P-sVqC8pi3WKv-1l7Cg6jh6Wm4XJuEsNt7DhT5Axv40b_BUws_iTOU&google_hm=ZzVjNDdlNDgyMjIwZjRiO...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AkggyEE8sRes0jEybEiYmyjAHJ8Ym__Sxv5Eu49P-sVqC8pi3WKv-1l7Cg6jh6Wm4XJuEsNt7DhT5Axv40b_BUws_iTOU&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4AkggyEE8sRes0jEybEiYmyjAHJ8Ym__Sxv5Eu49P-sVqC8pi3WKv-1l7Cg6jh6Wm4XJuEsNt7DhT5Axv40b_BUws_iTOU&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4986
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIiS_Lim73JJvDJH0upw8KU&google_cver=1&google_push=AehlK4C168lilY9g0nuv8ZRfHy4j6l9iYtxrANrTWrWxrJCXX_tSSqRh5NtyX7pkotwcp97rgD...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4C168lilY9g0nuv8ZRfHy4j6l9iYtxrANrTWrWxrJCXX_tSSqRh5...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4C168lilY9g0nuv8ZRfHy4j6l9iYtxrANrTWrWxrJCXX_tSSqRh5NtyX7pkotwcp97rgD0aQQDyYnLTzzkiqbYLsauzVGm0
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4C168lilY9g0nuv8ZRfHy4j6l9iYtxrANrTWrWxrJCXX_tSSqRh5NtyX7pkotwcp97rgD0aQQDyYnLTzzkiqbYLsauzVGm0
date
Mon, 12 Sep 2022 21:37:40 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 4986 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ll7cqvAS69FBOnKODVUbyuJzl-74l8vc78cspTMxFG8ct9kvMKFEiPnIV5SlEDPuK5gWjQXA
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame 2C23 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7zadek1&c=1208302966536&slotId=604151483268&qqid=CJiSwaObkPoCFRpQhwodCrACAA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2C23 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:32:04 GMT
x-content-type-options
nosniff
age
439536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2C23 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C23 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CMlT0o6YfY9i0DpqgnQSK4AqeoaGuXKH56P6fA8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNjg2OTgxNDA3ODM5NjQyoAGnypCnA8gBBeACAKgDAcgDAqoEiwJP0AV5zwHbf-6H8kkJN6luIHx3TA9_qSpFQrcY5IXnlAUdmBGqKg0UpWQyRUwAr0Nfu2MSrSqJ3vphhl7q2mITYLKzzeyDFnMkKufYAVRGVV6Mk3b7vOSrdJgXmpBqu7zdNw0vuY8C1ohKkebQSqG6HzC_aU2u3mhPrLRkZoxNZrrJ3A1iJmWecptUYrRnUzquhSfi2eoQU9j7XTQK-_1_bcMjP6LOtos29iqNWnAXWEkReasxlobgB0XAf3wVE-BsGmS-LpFkhCZdmVpB2H_om3fTkK0HQB9BAXboqQdpcnI6foOSvhiI1dIBAftO4JWRp9fl0SfN6PCq89vwys9B1wDs4fmP1JnKRy3gBAGABrfM9O6Ws-6J7QGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1663018660087&ai=CMlT0o6YfY9i0DpqgnQSK4AqeoaGuXKH56P6fA8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNjg2OTgxNDA3ODM5NjQyoAGnypCnA8gBBeACAKgDAcgDAqoEiwJP0AV5zwHbf-6H8kkJN6luIHx3TA9_qSpFQrcY5IXnlAUdmBGqKg0UpWQyRUwAr0Nfu2MSrSqJ3vphhl7q2mITYLKzzeyDFnMkKufYAVRGVV6Mk3b7vOSrdJgXmpBqu7zdNw0vuY8C1ohKkebQSqG6HzC_aU2u3mhPrLRkZoxNZrrJ3A1iJmWecptUYrRnUzquhSfi2eoQU9j7XTQK-_1_bcMjP6LOtos29iqNWnAXWEkReasxlobgB0XAf3wVE-BsGmS-LpFkhCZdmVpB2H_om3fTkK0HQB9BAXboqQdpcnI6foOSvhiI1dIBAftO4JWRp9fl0SfN6PCq89vwys9B1wDs4fmP1JnKRy3gBAGABrfM9O6Ws-6J7QGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2C23 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ALfyxCa-7HzrElwPedBw5TWadfQju5LtGF74Wn1-kC-fYhxBcXddZshVOaA3S1E8sY6_SvOuCi94iF5SsrFkBJAvZEmQ&dbm_d=AKAmf-BefpjtQmdZxU7yAhHfNUgiFWTHt_E5MVVaVgJcc9BOw7DLrf45giJL1wRACkPebyhRwng6LNJzUh_8hlSvyHx4T-XFXwKoOELxmQHaRGTCGZQjLSj7iNIgIzKlgxhN9iS60V9ESnUIxm37qNqeKGZVHSOrXNvCLwmVV1g_6ZDl9IkJkGvfFGCknWuD78eYg1x1LP0VhyjfObttDwz7zmtHBj1iN7FR0jeQDrY2bXMXgdEGtFAgn7VsB3vjKd_DgiTU3eTL6p_sBlQY1jqJJndYJf7cDHMBz_8DovWsDTx5diMFTVANfvMd6nKi_tP2XyEUO3wtjY1sUbwnzZ5BlwyhkjQyX5RchMzzftwN6abRUjfRw_Q6JhoxQQscVtNhWZPAjVuIqJz0VDaqMFeEi-Rh7pgt9Y1WuT_vaBi1gWpjPwXUZBYRymwqlUNB6V2hx91NUDMIliEQP63XoWPoSMIKfyEt7r2BLUJp3EGfRnvw-rhrUT-UBAH3vkl6PaBi0lzt_NQ5rXcg9B79EnhG77Tx3xXUbzUe3l-WIGI735JenzDXQJKFZN1v0iyrBwXorBdwsc6LDIgiD2805LWC5LigBPIGEIiGw72zFSYMv_D9GvGLCx7YTp9sXkFOPD-kLEilUGqKK9rNKUpyfUOyPAS1aK0LRgel630uJ0B__-_dVY5OgOJVCJ9Myx4jOK_A9e2ca1eGSuXnM8pqclN9xQRFO5pk0FGVd_SYwH_RYmq3stCImJmuF_ZYYIDzyZs5992nNIkIDeoak9ozfJV6qBgOLSXC2fQL7pQK2KTNsxtb5eBsT3b5qsAmu5a-JTqWG4hPmnW0fKRZUdrfp5dPvFSoj9sVD6ULhzdPZpHOiMNLkDFY2yLQQ3Badqke8BC0d3oHmH8zHPnN8WCqD9QmnYKCnxmfYyg1nmQLJS6seHUdFFY5-sgx21Suk8tEr3OjEzH3N1_sKdy__nEWt_K1YSSGCnWkJYSsys0RxaW4Apeoi7Y-fOVR_LGkB0VXR2CAYh2obS6AlbMQ4lLyXV84_x28zBpAhRMC2SvcR6LzhWMjgLdscoSkR1OB_ALFVvTp4QkQWEVBwqX4ezmAmQ1t7Bsju3Xs9rspG7QPeO2HaG_DtlLg1LlSyD--N_q4O05STNMpxa3US_xVF03Lui01OiF6y0UIxu122IIR3IQC6MgS2y2jw3MdVuF4f63c9CIZCiRq2wY4hteNUaDLvyhHEO2EA24M4H03MkcGOAvUY1lQ-AdDHGilukP90Xw67klDb0B_cBtJyK_PLGlebF3iNOIWRYGI1QYilnO7-leam0BUQoAkPytPZLuAxZow88vSUD5s2XSRNfOmLq7wUgzLSiw9sZ2HApue9KJ7BQupZ6IRnv8XeQa3N9E_qGdVZlvvWGX22qy4MKHmBYFDgGZRf-0WD3rEi2WippyeMiHRAcIrHolj8t3QmoDEroQaKral50zxlq1x36N1FbwrDUIp4z7ITWnliEmZw2jNy07PRBM1pWdtglV05eYdVAZbyVYHTmgXXcDtJVCV7wUlox-8Atg3orQiA0zy2kn-G22KD0-Zak--hNFb1CfFMYVdS2nr-3IuWhoFWQhJmzMHLGMArGRaVs9J3u5gdrOyyZiqfyW7YC2ztJlHjWSDBUTZ8x2fP2GHwFT6ketqThgCAKyshoPIpgJBqtFajke7d3EGRV9sqUUYa5nhU0Ewpe6i_mxmSSOJzTOPm4AZNoLiUrNC6JsZLNW-DsmOaD50jhldWBYUTfUNwERRb4GlLhjHXyWDStLT_Y6ptvmdUO8r9IoHkusoCCy4yEwIdkZHs-qlRAf0PE8L7BAUEJ8ZGtpblT29QV57HfwYt7z3ihtQaFE6H7F9_-0iJPcuiM0aiRaK1QEx0kI2ExKg5TXoEwMOdgxz1EN4lulKBpK77Y5L1Zd_ZwBHTGphnI_pOtin7IsszYvLfQowqqJ0r-mRwJNWSEnG7DpYx_7YxibNrYZifNY_ceY8lafpj1WQOvMfzVsicXAJbnkcolj3l5GXmJcx8E6GUO-zuL4aD3S2R_upM40XEMrAI3dadKYGijgMqhVJGrIQ9MtLOu-fAsM4U7dKb34hhR158tnCvKVsOsnZlXbrp5i0UZNMwXy7sNCh1BIYQRYkY7c9MD7LTBkQ_nzxsvD1jMVWM87sjKX2kIFjq6d2gTyTvEDPKnLRMit671cT-wdtZvoE0dSNfN0gB03Eh0XbxsOcriiCQY1kmF02wHjlVgIN18rbBuInu_P0jbKfLP4Zwa8hy1EkpRheOcQK9uHj0r4glCubwE4Fx1AsLSwMRCAbElHfhnKOWpeMQJzZdlePQk88Ao3rkwKYyZ5Aw-Dmc-3JF59XUc1nY8wYTjiRapq8BZrEppPdocwMRxeJrfoeKCYWm7fdHm8d5b86JtrlhqTGeP0aOY80Yi66fFnBmfe8t3jBtCtfT8xGHQELqphHpjKipDA4G_pTlpk9LpkQbBL4h8eaISN90PUPtgSCLLuPiLZxaJnUJ-Go6lWb-SMlNowHgQ7LsSBcpjAYD4T7GAIX66_P46kRg1pFnd1VqTQImi4xQUmgK0fooQVovTe4HgVR6aaXd6PI6zICurMKG5we7SmLE1tWb1F5d_0ZvN1CX63t1JrA-OsFKbCefAbgH-L111-BPI-ZP5zTPiIjrPsNpJZFwwZcbCtdQ01XzzlpG0GeyBqOpn4E69jkePYBVCJict35wPhHVxB0f0ix654fkktnSHu127lLGnDlRB_AUkc1AER3cvqaCHmAa5e94bvwMQxe6GP8R2eHoDfprHsHyDIi19mHuLEqXc5bw_yJMbCJrROwB1e4WyY7qSHPFnI7r-N9Vf1Y8QsNDkEp-IU-ZS0wprM7bMyxOvmutgCk54TVhHMBKEiizfN_-xPjzeOOoAaZ6HfeqvR5zeKYsToFjfNVLfxxZNv9Ff0u9c0_tyxollwBo4yNSjZvsUYFeLh6JxGC-scUPsbJfglAjjasPmzPYtgEEoi0dbRjx0IGwEp1TWViEM1QLDB8zAJbbnpB8WaT6U31D4xjspnVKnMy2v1oT7V5xQxKrbJQF58TjKjPRVUgEIssYYMSsGxlxme21Jox2x4s3tnegnuReGBoFOQoO3sWMvJbXpsGUW37qWmNjw6_VBu2gKCk3k5fKtJLHL66jzvu4kbSxRZws3ns8v4PpZX_ZRAM-4_wVL9B4mUXJSMx7oAWDcvhTPgxHY8ggX_V2x7bSHHfE9WzZYV-ngTX&cid=CAASEuRopZeYLjiTR1SN1MdDn7AGIA&pr=13%3AYx-mowAAAADMwao60VRvonMvRFrj8-FeLNNW1g&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
268eff897f61eb7cdeecd646808d25b9a6630646943426ee681eb37ce271e58e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16443
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2C23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2PgWo6YfY9i0DpqgnQSK4AqeoaGuXKH56P6fA8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNjg2OTgxNDA3ODM5NjQyoAGnypCnA8gBBeACAKgDAaoEiAJP0AV5zwHbf-6H8kkJN6luIHx3TA9_qSpFQrcY5IXnlAUdmBGqKg0UpWQyRUwAr0Nfu2MSrSqJ3vphhl7q2mITYLKzzeyDFnMkKufYAVRGVV6Mk3b7vOSrdJgXmpBqu7zdNw0vuY8C1ohKkebQSqG6HzC_aU2u3mhPrLRkZoxNZrrJ3A1iJmWecptUYrRnUzquhSfi2eoQU9j7XTQK-_1_bcMjP6LOtos29iqNWnAXWEkReasxlobgB0XAf3wVE-BsGmS-LpFkhCZdmVpB2H_om3fTkK0HQB9BAXboqQdpcnI6PIGzLMgBR7i5k4aXAuxMbe_y26PExuhvPCGJFw_9ySz0M1UFviHgBAGABrfM9O6Ws-6J7QGgBiqoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zNjg2OTgxNDA3ODM5NjQyGMj6Gg&sigh=r5J4stgth9g&uach_m=[UACH]&cid=CAQSPACsnQUxpUwhxM-kEu9uTSM6nHsSO6wGHhfACmEdxQ4vK958DNUugjW59BHKlyJfIkRqeT5Fcaztjn43VhgB&vt=10
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 88A7 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2C23 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f44575dec03c8b3f4d5dc9efd4b5b4c12c0c3ffdf19c5ae5bd2d0e0abbe8aff4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
sync
partners.tremorhub.com/ Frame DE62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEK8_UKJNH9JXTeejqk7cy5g&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEK8_UKJNH9JXTeejqk7cy5g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y84y3wAEwAQ&v=APEucNUQcKnssh0MYKQ9OgZ2Puc05zKzNHCPcJSgvvtQoYXrjvJYo1pRd-kPpUXDW6YEHDHLwpL0_8vgavBHujFSd__y8u-Yww
Protocol
H2
Server
2600:1f18:612b:4200:fd1:5892:27bc:b9b0 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEK8_UKJNH9JXTeejqk7cy5g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame DE62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBvHYDForwSgEMbh7o9SbGo&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBvHYDForwSgEMbh7o9SbGo&google_cver=1&__user_check__=1&sync_id=208e1106-32e3-11ed-a6c1-164d817e0103
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBvHYDForwSgEMbh7o9SbGo&google_cver=1&__user_check__=1&sync_id=208e1106-32e3-11ed-a6c1-164d817e0103
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y84y3wAEwAQ&v=APEucNUQcKnssh0MYKQ9OgZ2Puc05zKzNHCPcJSgvvtQoYXrjvJYo1pRd-kPpUXDW6YEHDHLwpL0_8vgavBHujFSd__y8u-Yww
Protocol
H2
Server
69.12.8.74 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
241
content-length
43

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
location
/partner?adv_id=7025&uid=CAESEBvHYDForwSgEMbh7o9SbGo&google_cver=1&__user_check__=1&sync_id=208e1106-32e3-11ed-a6c1-164d817e0103
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
322
content-length
0
pixel
cm.g.doubleclick.net/ Frame DE62
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjA4ZTAyY2EtMzJlMy0xMWVkLWI1NWItMWVjZjJhNDYwMTAz
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjA4ZTAyY2EtMzJlMy0xMWVkLWI1NWItMWVjZjJhNDYwMTAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Y84y3wAEwAQ&v=APEucNUQcKnssh0MYKQ9OgZ2Puc05zKzNHCPcJSgvvtQoYXrjvJYo1pRd-kPpUXDW6YEHDHLwpL0_8vgavBHujFSd__y8u-Yww
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjA4ZTAyY2EtMzJlMy0xMWVkLWI1NWItMWVjZjJhNDYwMTAz
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
122
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4CzOED_qr-zcTo_-RoVGn_BekH0q0urbftVtIJgYO9OIOiN83zZi2dXWyRkpd7mPoomdtArSnX29KIfqil5...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4CzOED_qr-zcTo_-RoVGn_BekH0q0urbftVtIJgYO9OIOiN83zZi2dXWyRkpd7mPoomdtArSnX29KIfqil5M0qLU5Ijhio
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4CzOED_qr-zcTo_-RoVGn_BekH0q0urbftVtIJgYO9OIOiN83zZi2dXWyRkpd7mPoomdtArSnX29KIfqil5M0qLU5Ijhio
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
MT3 4505 5b23575 master iad-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4CzOED_qr-zcTo_-RoVGn_BekH0q0urbftVtIJgYO9OIOiN83zZi2dXWyRkpd7mPoomdtArSnX29KIfqil5M0qLU5Ijhio
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:39 GMT
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4Au77S0JkVSiDBISAU-1UwVfosNVxqR9zx_g-NN9JqZUesN8e5nSKyaPW3lPApA4y8oQ3tTnvIcQVvQbXQ-SRRpzMPw09Y
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4Au77S0JkVSiDBISAU-1UwVfosNVxqR9zx_g-NN9JqZUesN8e5nSKyaPW3lPApA4y8oQ3tTnvIcQVvQbXQ...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4Au77S0JkVSiDBISAU-1UwVfosNVxqR9zx_g-NN9JqZUesN8e5nSKyaPW3lPApA4y8oQ3tTnvIcQVvQbXQ-SRRpzMPw09Y
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4Au77S0JkVSiDBISAU-1UwVfosNVxqR9zx_g-NN9JqZUesN8e5nSKyaPW3lPApA4y8oQ3tTnvIcQVvQbXQ-SRRpzMPw09Y
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:40 GMT
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZ...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZzY_ZL0a6QQY1dYcmI&google_hm=MDYwMzAwMDJfNjMxZmE2...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZzY_ZL0a6QQY1dYcmI&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4A2bdBny7TZLolbXO2anyqdQbrAb2dCfuchk5mMV3fAoUfNohsJ3t_a1ulE9ccgTh9NDAbrel8YUZzY_ZL0a6QQY1dYcmI&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Doc0QI4C0nB58F4cR4b0QJ9RulJEUaLf83Q1rR2gwiLwqKlbaVG8HWz5idTpuD8OB3ZSCggy5nUJ5j_cIZ1Z0pUsBnKYI
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Doc0QI4C0nB58F4cR4b0QJ9RulJEUaLf83Q1rR2gwiLwqKlbaVG8HWz5idTpuD8OB3ZSCggy5nUJ5j_cIZ1Z0pUsBnKYI
date
Mon, 12 Sep 2022 21:37:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4BDpjNXtGvtl-sCWigAmiHrcVFne_3Nz6I1Dq3DrpfB-PfAuTZLuHH_v4crDFcvXpjsxRS75sma9nBWDPlv3...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BDpjNXtGvtl-sCWigAmiHrcVFne_3Nz6I1Dq3DrpfB-PfAuTZLuHH_v4crDFcvXpjsxRS75sma9nBWDPlv3byx82y02A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BDpjNXtGvtl-sCWigAmiHrcVFne_3Nz6I1Dq3DrpfB-PfAuTZLuHH_v4crDFcvXpjsxRS75sma9nBWDPlv3byx82y02A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4BDpjNXtGvtl-sCWigAmiHrcVFne_3Nz6I1Dq3DrpfB-PfAuTZLuHH_v4crDFcvXpjsxRS75sma9nBWDPlv3byx82y02A&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4B4S5Dsi47moyHUVoPKtFSFMlXkQ3Jd40cQlNZjXL35UTnVBTHsJgWQ-SrSr7krbjNUgvjDhf79NUBPGgu5-EK3u60_hg
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4B4S5Dsi47moyHUVoPKtFSFMlXkQ3Jd40cQlNZjXL35UTnVBTHsJgWQ-SrSr7krbjNUgvjDhf79NUBPGgu5-EK3u60_hg&google_hm=ZzVjNDdlNDgyMjIwZjRiOT...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4B4S5Dsi47moyHUVoPKtFSFMlXkQ3Jd40cQlNZjXL35UTnVBTHsJgWQ-SrSr7krbjNUgvjDhf79NUBPGgu5-EK3u60_hg&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4B4S5Dsi47moyHUVoPKtFSFMlXkQ3Jd40cQlNZjXL35UTnVBTHsJgWQ-SrSr7krbjNUgvjDhf79NUBPGgu5-EK3u60_hg&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1E13
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4Cz-uNHZxp6Pyse2sEzG3Gi9ciYKqzXfH5ILhtEZF-k6prljwGRR6IfEgpwXFvnJflWuf1BwzirdVeu2zk...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Cz-uNHZxp6Pyse2sEzG3Gi9ciYKqzXfH5ILhtEZF-k6prljwGRR6IfEgpwXFvnJflWuf1BwzirdVeu2zk4ZDH2_clpOUE
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Cz-uNHZxp6Pyse2sEzG3Gi9ciYKqzXfH5ILhtEZF-k6prljwGRR6IfEgpwXFvnJflWuf1BwzirdVeu2zk4ZDH2_clpOUE
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Cz-uNHZxp6Pyse2sEzG3Gi9ciYKqzXfH5ILhtEZF-k6prljwGRR6IfEgpwXFvnJflWuf1BwzirdVeu2zk4ZDH2_clpOUE
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1E13 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJ_iyw4ohB50KoNP-UTrzrPFrR6-GFHtPR35tw2O_v9XBnxt5FqJs7nlvFrlWtfcZCFfIc-Q
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9121 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 01:29:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Sep 2022 01:29:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 9121 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjYvyGyELyJSRO5Rt9jivIWRS-NMAW6k6Wa6EstnfdC1uHm4rT0Knr1v5Tma4Ie2_0UyYCr7qqPcyf2MKlmU1nE6Dtqw&cry=1&dbm_d=AKAmf-CaLyC9wr-niw7QLgc-8TXjpBHHeNA44ksZ38suY3h-ixmTk_pZB7uMMarXJn4bkLlucllcqJPoF4zkXhm6oCTqelYOj-TDoH9KgrLkOuuv3muCcFqkH9gy7Nqas1G2CZ4hKHLQoC7thvaiXRwgw1TKQipRAISPp0DHeRUMQWTO1A7FNqx6fKPnJ5CisB_B-22sxuv4Z_UMYvE-aW_59MknFvvXU5sitNrK58XWFnACi7xmZ4Qa3GlJygRo7Tm3GV1bppZD72JzegDcElRSvXzHdgSQXIkUkYbk-KPcLYXKmaUIj7X0YhgoIdsHjRalic38ODxfb_we2PM9Gc7ATGhpGOmyr4wpyUjO8l0ocU1KxWO0lik1DKa5t9p0QPL2cDI8D_5EBrMxdWg35NbAJtTI2qD4mGXrtcArj3tZrE4tkFiBpzGEWydyloCevDX3aMSaY6HK56Wv1xqVIqbEVshBfqNoj7s_CzecHn8WDaqIe3cMzozhgUFRIerGQmU9VA_xkj12G1n2I7Q2CPv7buDUG86DwJe4UZbgfVtCpIDtIcM3ZQ2cEqxi_17mcXF0Wf_YIZbilol31oQomBU8bp-btiV7Qp-fOGRBcilx38xeGn7o-2fAfZlsn9ZljBRxDnCOqv21UXVQIUMgFDBJadz0WrmZnm-LPqjVMGXoCew4paAD701TkJ9oBjQ02t6RpqiKXvcnQL-zRYLgtSfEwuj2gF5smpDl1cn_iUW2mBRk61bzVg4h4zXfGWjKyjbV80rIvjlCGNc7inUdxdRYF-X78dEAFnrR8G6exs6xa01BPFeTkBw2HigpTHK9WMrDuA2Rja1nDtjfGK5ORtXPOEo9XWYL58VXoOJz67iO13-ZMMUon8AJA5ZrSAclQeHyWAoREgid9-6MJ9u310mhmqD8AskwWkzWneRSLK7VErKuH75_IVI_bO6wESkTvOeb9ne25rOIJ1fhwYnbIOQYkxqilnRXdngkJgr3mhLe8AoDZNNSLWyESNc6FQFGfoorOwXsNHWbLvgD9OH1ybP_bj-5K88QAOLslubKNQcMs-UgzEWpQeXmx8EZw-oOKroupF6OFLhLCwFdgcO2-k-GKqOnJgym-f-xZnzP4WG2Nq2AL7gVTFx2_VxMEfh1Wmnp8lsTZaB7QZIiQZjoncL3O0NV87r6C5dODtq3Anz8rveDID-6vkYkF5t7HHv35oR-5QIWhP0PGRRh5Zb5CwpD_eWdf1hKUKT388uvIso6KH7ssAvUuxqRv6OAXujfiUH_ZK3Qv6rCN6_qkrnLTOTvVVomYc9s93NswGoTogSeKQqJAJmrar_Xnx_cicK6YG86VfUqQsahjR9toFJUxZCcxlKds93x0D092vH6kb_cQK1Zp0YUZMszhhf2IDJCYPKyNYJyoxMPSHLWAhqsgw2a0H1Aov-0_hFtBtnVOME_JRgH91yqHI_OVbtWTvt7HsZMbLS7JMJbI4hO3K6RVE2090YT-YOzAHQ4_xK004WIKDbK0fXPu-IgJ2-q7zer6hIdlYgoAzm78q0l-CHyIpCVeem8l6R5aYs3hLnTWWi1_6-0pb9M6a1bR3nA_lVTDXi-gCFGhjBECP9JmADSWhxEsc9OtCcLRuIOmHvSyl1cRzuBGPY0uG2zQyikNIoVOP-R6k6xTXAUGUxtQjVu3m5pTKap83mi0aeT2bfPWBJ0rR_NHyPYcStpR3kVyxXzwUsXCTNw5EKcmT-JJDHsj1NNhAKngsJ6gdl41UWJSzxtx1RjFxpyh9Asf5GMeRn5nfn9kHNjnH3zKTUOHf-nVDZj1WZDJkvJFhcfQb02OZ8KHXSbxNollhNMQ2a1l0MHV1xXnU4Coav22li12SxOC63oezw-zs42Z2pErhnW1eYSw9rGCWEgtYBfpDaHEW42UUpIFRJGHQ-Hkmj3pJFMvA4PAA3kWZQuBYIXX1apy5m08ND_pk-ZRaM7un47k5RBCfheAhRcFVTECUyUF6MRRrM14Jyr-aPa4jAuCBJL4--cB85l5vdyiBkOgGLGmyKZRn5reMD8fL5ynrAv44r4puf9kzNNXqapsSc0nkjetMRV_ahLjyVMQHcPigvWLabm_A5EkU6gpMGIrvwmkdRxWwqE9RWFmqJ5azSu6xSxUewooDVov8XK_leErLC8djGZBvNZqnO4VIF6f-kRNmhfLehx6nA0hCvw_7leDg5WAWrgebPLf-s3o5lhn6q_kGUGMULaXuaqRVy-Tl74RMO3ZiGVKj9DcjANGTLl7rzhymLqFIllVWWrPR2-yIzQPLVSh1Wt_j_mYTsA1RRexYBc4LfBxwRZqzFw3_XMFmPgrvHv8S2Ne2LWTpt5ht-HjnMrOZ-GgdbtJfZi0DQ6FVeXtOBr9FI2RH6zpQmPHzUjFRD8ghpzbtFI_XSOux66l-401rKlYlYf-6caxB5icV6Sct4DJEIq8mMW5hJ7OVAsL54JSgaY3mwCWCRfk7NxDKpL734UKMU8EBUludPCFcSGnP83pPGyvWJVToXY1ozjE0Bjx5cSPaox0ErBA_WYVkZBuWY41LrY6sSclqtXHK3vsmv9Od3VF1TRf1tH4Mw5kNQCB-i9ZY6akuMspjZZVbFPJIdtXqWYrlAIfhQVHz8gp5FSqO2MLz3G3DBmByiS2cuKVynY2r1EEycaNhGVWqFugADUgK7AiB9sUnUImVcPWjxPrIwEYw1SJROPTlsj3o_kdBRhH3HXig1BZJpUhD5iKXC0ADcbXiKdtR35gXAHN4hdA9ExfDKacTUjgEG_7n02BIEEYqzafAJ2HqPXNvam14nCK8Om5e0cEgGZxGt0FnAZTiTNjMgLOBaLexhYIBjWFMQo2bmTZTNaT1yz86KbF7b_Gj8ZimNwFzG-W0lnB3PNoHuYF0XIQwrOd7JYnNIyd25JI79X8nwRrrXHqfI8pkhA9wmxu9w6GoJ4wDr72JqrnCD82J7ncalYFVLbI4VoB9nhphHY01zxwjExdoVGGw6-BbeLqHYLyCNvBax_zNWT6t6qJxMOJhZEQwJW__hwya2ofTX03yiz7gkO3Gv9lF-_q9j0TpMBWvrKcaYV1OndKgdP6lnKk305lfuytjji0fsQuRtyGg3ID0Bj-Q9ubPdJ6lHCVsM_T5fVBO1jX1q1K4VnPoRL_Q&cid=CAASJeRoZdSAcqxjTo3pqnAeWm0pzkJ11U8MSVpxOHp2L2fk3khA8P0&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:35:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 9121 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjYvyGyELyJSRO5Rt9jivIWRS-NMAW6k6Wa6EstnfdC1uHm4rT0Knr1v5Tma4Ie2_0UyYCr7qqPcyf2MKlmU1nE6Dtqw&cry=1&dbm_d=AKAmf-CaLyC9wr-niw7QLgc-8TXjpBHHeNA44ksZ38suY3h-ixmTk_pZB7uMMarXJn4bkLlucllcqJPoF4zkXhm6oCTqelYOj-TDoH9KgrLkOuuv3muCcFqkH9gy7Nqas1G2CZ4hKHLQoC7thvaiXRwgw1TKQipRAISPp0DHeRUMQWTO1A7FNqx6fKPnJ5CisB_B-22sxuv4Z_UMYvE-aW_59MknFvvXU5sitNrK58XWFnACi7xmZ4Qa3GlJygRo7Tm3GV1bppZD72JzegDcElRSvXzHdgSQXIkUkYbk-KPcLYXKmaUIj7X0YhgoIdsHjRalic38ODxfb_we2PM9Gc7ATGhpGOmyr4wpyUjO8l0ocU1KxWO0lik1DKa5t9p0QPL2cDI8D_5EBrMxdWg35NbAJtTI2qD4mGXrtcArj3tZrE4tkFiBpzGEWydyloCevDX3aMSaY6HK56Wv1xqVIqbEVshBfqNoj7s_CzecHn8WDaqIe3cMzozhgUFRIerGQmU9VA_xkj12G1n2I7Q2CPv7buDUG86DwJe4UZbgfVtCpIDtIcM3ZQ2cEqxi_17mcXF0Wf_YIZbilol31oQomBU8bp-btiV7Qp-fOGRBcilx38xeGn7o-2fAfZlsn9ZljBRxDnCOqv21UXVQIUMgFDBJadz0WrmZnm-LPqjVMGXoCew4paAD701TkJ9oBjQ02t6RpqiKXvcnQL-zRYLgtSfEwuj2gF5smpDl1cn_iUW2mBRk61bzVg4h4zXfGWjKyjbV80rIvjlCGNc7inUdxdRYF-X78dEAFnrR8G6exs6xa01BPFeTkBw2HigpTHK9WMrDuA2Rja1nDtjfGK5ORtXPOEo9XWYL58VXoOJz67iO13-ZMMUon8AJA5ZrSAclQeHyWAoREgid9-6MJ9u310mhmqD8AskwWkzWneRSLK7VErKuH75_IVI_bO6wESkTvOeb9ne25rOIJ1fhwYnbIOQYkxqilnRXdngkJgr3mhLe8AoDZNNSLWyESNc6FQFGfoorOwXsNHWbLvgD9OH1ybP_bj-5K88QAOLslubKNQcMs-UgzEWpQeXmx8EZw-oOKroupF6OFLhLCwFdgcO2-k-GKqOnJgym-f-xZnzP4WG2Nq2AL7gVTFx2_VxMEfh1Wmnp8lsTZaB7QZIiQZjoncL3O0NV87r6C5dODtq3Anz8rveDID-6vkYkF5t7HHv35oR-5QIWhP0PGRRh5Zb5CwpD_eWdf1hKUKT388uvIso6KH7ssAvUuxqRv6OAXujfiUH_ZK3Qv6rCN6_qkrnLTOTvVVomYc9s93NswGoTogSeKQqJAJmrar_Xnx_cicK6YG86VfUqQsahjR9toFJUxZCcxlKds93x0D092vH6kb_cQK1Zp0YUZMszhhf2IDJCYPKyNYJyoxMPSHLWAhqsgw2a0H1Aov-0_hFtBtnVOME_JRgH91yqHI_OVbtWTvt7HsZMbLS7JMJbI4hO3K6RVE2090YT-YOzAHQ4_xK004WIKDbK0fXPu-IgJ2-q7zer6hIdlYgoAzm78q0l-CHyIpCVeem8l6R5aYs3hLnTWWi1_6-0pb9M6a1bR3nA_lVTDXi-gCFGhjBECP9JmADSWhxEsc9OtCcLRuIOmHvSyl1cRzuBGPY0uG2zQyikNIoVOP-R6k6xTXAUGUxtQjVu3m5pTKap83mi0aeT2bfPWBJ0rR_NHyPYcStpR3kVyxXzwUsXCTNw5EKcmT-JJDHsj1NNhAKngsJ6gdl41UWJSzxtx1RjFxpyh9Asf5GMeRn5nfn9kHNjnH3zKTUOHf-nVDZj1WZDJkvJFhcfQb02OZ8KHXSbxNollhNMQ2a1l0MHV1xXnU4Coav22li12SxOC63oezw-zs42Z2pErhnW1eYSw9rGCWEgtYBfpDaHEW42UUpIFRJGHQ-Hkmj3pJFMvA4PAA3kWZQuBYIXX1apy5m08ND_pk-ZRaM7un47k5RBCfheAhRcFVTECUyUF6MRRrM14Jyr-aPa4jAuCBJL4--cB85l5vdyiBkOgGLGmyKZRn5reMD8fL5ynrAv44r4puf9kzNNXqapsSc0nkjetMRV_ahLjyVMQHcPigvWLabm_A5EkU6gpMGIrvwmkdRxWwqE9RWFmqJ5azSu6xSxUewooDVov8XK_leErLC8djGZBvNZqnO4VIF6f-kRNmhfLehx6nA0hCvw_7leDg5WAWrgebPLf-s3o5lhn6q_kGUGMULaXuaqRVy-Tl74RMO3ZiGVKj9DcjANGTLl7rzhymLqFIllVWWrPR2-yIzQPLVSh1Wt_j_mYTsA1RRexYBc4LfBxwRZqzFw3_XMFmPgrvHv8S2Ne2LWTpt5ht-HjnMrOZ-GgdbtJfZi0DQ6FVeXtOBr9FI2RH6zpQmPHzUjFRD8ghpzbtFI_XSOux66l-401rKlYlYf-6caxB5icV6Sct4DJEIq8mMW5hJ7OVAsL54JSgaY3mwCWCRfk7NxDKpL734UKMU8EBUludPCFcSGnP83pPGyvWJVToXY1ozjE0Bjx5cSPaox0ErBA_WYVkZBuWY41LrY6sSclqtXHK3vsmv9Od3VF1TRf1tH4Mw5kNQCB-i9ZY6akuMspjZZVbFPJIdtXqWYrlAIfhQVHz8gp5FSqO2MLz3G3DBmByiS2cuKVynY2r1EEycaNhGVWqFugADUgK7AiB9sUnUImVcPWjxPrIwEYw1SJROPTlsj3o_kdBRhH3HXig1BZJpUhD5iKXC0ADcbXiKdtR35gXAHN4hdA9ExfDKacTUjgEG_7n02BIEEYqzafAJ2HqPXNvam14nCK8Om5e0cEgGZxGt0FnAZTiTNjMgLOBaLexhYIBjWFMQo2bmTZTNaT1yz86KbF7b_Gj8ZimNwFzG-W0lnB3PNoHuYF0XIQwrOd7JYnNIyd25JI79X8nwRrrXHqfI8pkhA9wmxu9w6GoJ4wDr72JqrnCD82J7ncalYFVLbI4VoB9nhphHY01zxwjExdoVGGw6-BbeLqHYLyCNvBax_zNWT6t6qJxMOJhZEQwJW__hwya2ofTX03yiz7gkO3Gv9lF-_q9j0TpMBWvrKcaYV1OndKgdP6lnKk305lfuytjji0fsQuRtyGg3ID0Bj-Q9ubPdJ6lHCVsM_T5fVBO1jX1q1K4VnPoRL_Q&cid=CAASJeRoZdSAcqxjTo3pqnAeWm0pzkJ11U8MSVpxOHp2L2fk3khA8P0&rfl=1%2Chttps%253A%252F%252Fwww.krem.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 21:36:38 GMT
csi
csi.gstatic.com/ Frame 554E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7zadelb&c=259132724404&slotId=129566362202&qqid=CO2SwKObkPoCFVHvhwodLqkACQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 554E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:32:04 GMT
x-content-type-options
nosniff
age
439536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 554E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 554E 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CK6xEo6YfY621DdHenwSu0oJInqGhrlyh-ej-nwPAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzY4Njk4MTQwNzgzOTY0MqABp8qQpwPIAQXgAgCoAwHIAwKqBIsCT9CJWQO_4RVd0liq9tDZZ4LrhxiaCHOFO8Le6jH-t-3kK850hvQbPgrnIVOChs7l-u1DeTNuoE_SXq7zAHu9pMBzDg3kcvFjUgTVHWldzwOhV-hckpcNtWQ0GYGuwGcFTAjkMRoGpEUAT6h5xp0jBZX4gTs_mZJffdh8zaxyapShgqWPgYXnIg1lBfv_pEBqQLWWEXXpEGF_lurxf9PfG79yJ4maPE3W-8I_mE8fNvYv4TMlKSIk--AihGEQ5-K2cnuBoSo91gHevwO8mmPyYwBoxFrBUQR4H06R4gW0fjP6mvioAgDVzJeIc-ll-fBFbI_hZlbNRxaHxJRmT7-3MpsraO7ym329ciSM4AQBgAa3zPTulrPuie0BoAYqqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1663018660154&ai=CK6xEo6YfY621DdHenwSu0oJInqGhrlyh-ej-nwPAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzY4Njk4MTQwNzgzOTY0MqABp8qQpwPIAQXgAgCoAwHIAwKqBIsCT9CJWQO_4RVd0liq9tDZZ4LrhxiaCHOFO8Le6jH-t-3kK850hvQbPgrnIVOChs7l-u1DeTNuoE_SXq7zAHu9pMBzDg3kcvFjUgTVHWldzwOhV-hckpcNtWQ0GYGuwGcFTAjkMRoGpEUAT6h5xp0jBZX4gTs_mZJffdh8zaxyapShgqWPgYXnIg1lBfv_pEBqQLWWEXXpEGF_lurxf9PfG79yJ4maPE3W-8I_mE8fNvYv4TMlKSIk--AihGEQ5-K2cnuBoSo91gHevwO8mmPyYwBoxFrBUQR4H06R4gW0fjP6mvioAgDVzJeIc-ll-fBFbI_hZlbNRxaHxJRmT7-3MpsraO7ym329ciSM4AQBgAa3zPTulrPuie0BoAYqqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 554E 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A92FbVFgLTKQuSXkzW6jzHzrX9z1EHAQ0oFkp8-3u7SU9rtcI81WFVz1BhwLlHHNQDF5u0tQrwMQF_SAYHSxR-Ghq9zw&dbm_d=AKAmf-DckVJlpfSt4XrR3xeOCqJF2Lx-yIWBKOGRoE5IeGVUij_8Px_FZ1FNcVRcZhvBGL3nWeybf_ZdWK2V52XInZeImvFIy1ApfFl1orZtILpiMHBMok3kWyf3otvW7neLmB0uf1gpCcNZwye5ImmHtSC5uyDr8SeMtrWstV4OkzF2onjQQuShXD01bDtGD8SIQJG61hQueGXv3T34nBGyWPk68lzHaLrHtDyeafLiZoCpF_3RjsCYUUZoyyr7fLfPHDP1kEPXdI6LVRtVg2i8TqB7wkRmSIrcapIpuMzMk438Ed7WQpyRhmOnMzZ92uhdhNHld9ycqiEzZSxhRO4he2LgrkeOObr3Mo9HIgv66u6Uo5DzNPGfcZ35u7Emd0zEpLdIifXTCDpixIEK-7eXds0VeV3eGL84g4804CWaMFERK1dpRnZ1ZW8BHR5RUwC8N2q0AaefAZ5c_ZaCMH23BLAvEVPMJOSaQmEXz4LU2jnrrtGx_4xqFL7ZZmZTGSYDx-CLuNfFOSj0RBzOueqMrZBp7tahoZwD3uQyPwkJ1ObqnTBDJ33ofGPJzCjk1LuzrfWENLYHoDRD-QAsoZsquSnhBVClLiP5QgSKOSsRoc1yofUcAPMKX_QvU0GT560si3VqhnqJ2zCapP-8FpIoIan-hFQrGuhcJwN4_fTjlzOkF8_yoCgZgIeVsheOyltDTsE0xjRZCXmS3yIUwijMqWFK8cr1WWabQdU2J6umSmPZNrjSOAPZMDiEiYjAb-cmUKmsza1JCosYBvrwwCBDg_YwS9c-yAnP5DKA92YkJFIbnLt51Dcr0jj4ikPyDfDCExNzY_amKMtRvcraZFPJKuHhK2BRyW7Qtv6qjUq7_H0HZtAoyqegqrStu11WkZNXBT0KXg8z1_zZfFFTAXlPTPtcYbNsxWxOFN0Z_zX04HWxp2QKvlNEjX61MIVDO3KP-BnZklJhdbGnojhwbX3ko7LI-Uod1j5NEaLeF1q7kB4tjHX5kSQQDSmDKS1g4I9AG8wsDPHbEy-suGEROfekBYrrqDQ8zHQcYo2YtDEgl50HjWq32CDL1zCo4Zt7bxXbmWSkMJTD05hJwVg2E6M1Kr7oOhQq16JfXP1vWTWKIgG0dhnqgufmbEUgHpdYPQGAb9btB7tDev0ownqxmSJ83QIi_nZSAsIjjw-lrw3sXUMVJHKxtk-n_TTIvwZVNnTc1RUP_7tXBcx9MuTWj75QPmNSuirDzIF5AD3fmsrRCmKIAoT7D-mXP72D1Ts-UvCYy1BaXQd559jXFedilwfpq6QaRBDZ4LVXZmW2SII0RRDpnkSi-sNfguL3ydKhN6tyyz5UF2SppdKcB7xvEWh26uw_xsyhGZDdZk95jJQ-jdufL1Jux-ufWxYFzMtyUkyLADLirWMi7CK6-y5yAWl2hZOT3LaxsiXlSl3SOn_-TJJk4EpuoncugXvmsNgn1pQbUFZryjrw7gEyywgahE6lPvdBVecBQiZ7M9khzolIWe8UgvJzzx_oGHfKSDSy8OtDfojjoZbNXn3Im99zhPdkBqyry5X_3tNCvtuGVwhlY_u5VzhsrcHyolEv803npBv24uygENXo4Zvpbrvd8vcTjrmAMQh_4C5g-d4mrMRFnJiC5ydieBWybe_vqGj5jNiGck61FggQPIkgcoVGWqH4cD3B_rNZQNToxbwSL2duBJGHOlpoTTsZcfefhAWwS5MNzsPfvUfOCyZrcajzU0N1UWssEULIBeIdVX931BWQFmsdVpeuTjKDQIxLDeXApFQdsKD-BTGPXbjQrDscsh2QvcghOq2jUZUkTog6zEt94G0XhMJ39A09C-bm2JKCuhvRUDqw7WPaBlrZHdF61QV8d6QRVHmfnUUl_utA6ox2GURR-UW-1sTUbTbZcrS9eID5KANyIYTI6ITR_pB8guU-IiC1wivkP8nrSMF803m_sXX72wLDtNo9t4yO_49f5AytUpy4SNsH3Yg-8z23LiUtUqlIozTlfQkAAWgKo549KJzLDIP7ow7SL6MSRyTwOIPFRtVvOyTYOwrv3eMgc4dP2TJPy53Wj7M_GhtocDAC1GI7TPWdNqVjuleTrsq_t1ph-sk__KT5rwET5AM7ByuSNvuoKuY87ibqfuN96fpBRruCQArgZ_I41y_YrUDuWdlc8K_RAy8yCrBfnGioxwx3HPHhH0QY-O-4qnoTtfokhkuI8r7vYqDwKG5H1s5xVJ_i7-_MQ__L4FRGta8z8pkhNEOvTq3aJHzmhLT6TwOaj546OOBt89064YfxCiCYGOe0lP07sA8volROiLv3Qr-esqOdvpvOOnzj-Ue3n9NjIV9lwdVmRSiJDioW3-8PMIRSnf5xWaXqsV2QHWBMWAXfqfukG8iLpbcV3Y6-41Kw1Ddgy1Os_IE1XCVMtPMDK5fCgbQmxsKCgbSoop2W7gBjtaVfKZWgfjdi60Silpz-TXpEQc0iAJcMDkfdciFajhalkbYqkH5YA8uX06erSk3vsu9-GXHIczToh5KFzdQ_SNupK5FXEH6Q9rBVnaOuKgLvmp9a4WXI6Of2tdycAHbtd5YBcw73kPAwzQIY5-0dO3Q39Zu2wx8iKFak9Ht-jyzkx-YkiPe6Fq_KWPoOIOtJtVnBUcSiu-huCOETXdlY7EgdkRZrK-6MD98qy12QsXYk-GH4SEkeDJMHaPw-rtRg-uUZ8HFgS0HmLg3JJgSqgBl8z2O-LUEnX52tiXTbJ_xtJcU8VNBri638oDQYVxNF1R5zNotkP3BWSx7LnEA6jc3uS_uxQASaw5CBeUYsa4QMkhq-_m5oG8moDufx4OeVvo2oelJCrjewkcXEWahlpwrL1vsld8VQSMeYwMUnQx0Q8hLX6omwNunQj2NKY2s2hfJ0HZp8dA5bwouIPHY7QJl_MEtUmqE3PfhmBbJz98mvM-uCQcIym7Pgx20cePMQDHyV-9CqvU9QdP2P96DF884LollxBCktrJpDUfWrAIB64GCoQUn3QYpRMPNsUhS9D7a08Q6YxdB2SQdzySRJ9ysBhy9_DPByy-d5eB4IX711vsBiHpU87YzA4cYR_3vHnQJCr0nCgBgy116qPwq1hvW5Jnvo_ejPYlwfY_c5ZV5Jx1Rlpof-OZw5jofxW61az4bOYo2r16-_e93Bou201lgo5gkqw0s&cid=CAASEuRoU-cT-T4DTexXK2mVWTom9Q&pr=13%3AYx-mowAAAACTNRYckriQGCHaXp5PZw-6kdVvog&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
884c527996eda6970ed2b4fde3f3e96ee90090531ade7df5e37233632249b817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16612
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 554E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw8iFo6YfY621DdHenwSu0oJInqGhrlyh-ej-nwPAjbcBEAEgAGD96KKB8AOCARdjYS1wdWItMzY4Njk4MTQwNzgzOTY0MqABp8qQpwPIAQXgAgCoAwGqBIgCT9CJWQO_4RVd0liq9tDZZ4LrhxiaCHOFO8Le6jH-t-3kK850hvQbPgrnIVOChs7l-u1DeTNuoE_SXq7zAHu9pMBzDg3kcvFjUgTVHWldzwOhV-hckpcNtWQ0GYGuwGcFTAjkMRoGpEUAT6h5xp0jBZX4gTs_mZJffdh8zaxyapShgqWPgYXnIg1lBfv_pEBqQLWWEXXpEGF_lurxf9PfG79yJ4maPE3W-8I_mE8fNvYv4TMlKSIk--AihGEQ5-K2cnuBoSo91gHevwO8mmPyYwBoxFrBUQR4H06R4gW0fjP6mrqqI5IFRQXiy3sYIBI8sUXZcVxJTjifAVucNmJ3joUHcDxeERcF4AQBgAa3zPTulrPuie0BoAYqqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzY4Njk4MTQwNzgzOTY0MhjI-ho&sigh=jLMlEmYHYLc&uach_m=[UACH]&cid=CAQSPACsnQUxRSHz1DzohZpVJKGNf_1p23MpFjDcORutlcclaq4_DP3XQSLkWk3eCyvz-LULAgf12_iNFXkYJxgB&vt=10
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ECBB 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 554E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
616751780735d4766cb83af8bc45d5a23fa02378437a4595b6a341c6172a998e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 925B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
276329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 16:52:11 GMT
expires
Sat, 09 Sep 2023 16:52:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 102A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
276329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 16:52:11 GMT
expires
Sat, 09 Sep 2023 16:52:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 39E4 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
276329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 16:52:11 GMT
expires
Sat, 09 Sep 2023 16:52:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 874E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7zadeov&c=3315367669347&slotId=1657683834673.5&qqid=CMGOxKObkPoCFRL-hwodiLQIXA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 874E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:32:04 GMT
x-content-type-options
nosniff
age
439536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:32:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 874E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
299582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 10:24:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 874E 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CEeiwo6YfY4GxEZL8nwSI6aLgBZ6hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMByAMCqgS1Ak_QdxkM3IY_xYND7SX8pus2BPdsZgR_g0PDT89gRGG26l-K2mHAZpG-1mb4os9GgXZL3FyCeKv9kLNxww0KFf_yvk6ctn-hL_8x3asEHFdxUav7SXULC-XwPivMiA2ehNsFsvhCj6k-hj5sssKfPznIgEQ7OijTLL--Am1gh1id7enuq5hVhcuVjfB4BvY6gd8xB2rIzJt97-Nm9YrHz3vURGLHMpyZzt-yvK3-Bijo4y_1hpsX1DU7Ikm7d6KJzQfTALux2a-EdoI2sDx7HPYVm3m4OKq0VmddwmrfKTMrjVIJ06CbaMEedpSwTwYf_kg57j_8PoFIfyRklrI7zl9jaV-npJwq3DLAG7To4FDNt-ZzfQHgV7Jq4TEN4CryDstwVAcSYYlXb3BnvtAVMRBhFmM0UOAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1663018660260&ai=CEeiwo6YfY4GxEZL8nwSI6aLgBZ6hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMByAMCqgS1Ak_QdxkM3IY_xYND7SX8pus2BPdsZgR_g0PDT89gRGG26l-K2mHAZpG-1mb4os9GgXZL3FyCeKv9kLNxww0KFf_yvk6ctn-hL_8x3asEHFdxUav7SXULC-XwPivMiA2ehNsFsvhCj6k-hj5sssKfPznIgEQ7OijTLL--Am1gh1id7enuq5hVhcuVjfB4BvY6gd8xB2rIzJt97-Nm9YrHz3vURGLHMpyZzt-yvK3-Bijo4y_1hpsX1DU7Ikm7d6KJzQfTALux2a-EdoI2sDx7HPYVm3m4OKq0VmddwmrfKTMrjVIJ06CbaMEedpSwTwYf_kg57j_8PoFIfyRklrI7zl9jaV-npJwq3DLAG7To4FDNt-ZzfQHgV7Jq4TEN4CryDstwVAcSYYlXb3BnvtAVMRBhFmM0UOAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 874E 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D1rx8yTT2i-wCbACv80VYzhhT-EpksPvzkog55tsIXuHTSpsdX0Wep39pDKuQe7bThrLGjQjA8RtiOKQK5NrSMb0yYCQ&dbm_d=AKAmf-AtzShBA-CnRdwUNT6RO1IlA0jmqLMR8OCgd767Cou_1T2bxxFMKqDuV6uAkAjVh38rJVGUc_OtsWh6CMhdUENMPrzHs7zYqmVDikuwW9pJc-C3IThgS6S3iqbfRI4vfClFfa-6h9ggPwnLSSHmvdKGu6wa9mJHppSkaXoyIpOQMo6RlhJVHplI1SRlQD6xpDGlNOrjkc7zgyQbCDAoTTYGuIhwApYqmr8Okuz5L3uMUZiJg-Ai393xSzcOnh5vtJd1EhW1LIDHTMf5Zc6h2QnV5spUsa-w5ljTeDJwKB5TPx6ZVkxbytpqrXV0wczNZSx_TAGLeICkJuOY3WHnzRjKA5QqeDFd5gvLWe1CP3YXVPjnrD2AI3HMMnDHGR9lRC7WfBcwRUWJ70m3fVxQWp7mECeKIIrc1JGCPaXgqThNMxKwB1CU1VGKDsJv834MbOq73ONCJaGaUMtpvDNnl_ET6mYz_hzcek40XKCkJINEYWSjVjTRT-rQ9UbWDkM0qvzDD6OEeidPrXcYh4e8-Md5xUMybFBhQq_NlgYtfLYtuUnTGaIoTt5GFmBNZKBHQ2jMNomP5XcjVtLThka4vbl4hyJM479n2tpt_o4dJuq2a9dAFZMxerqSksM0DhldWYoGzQple1_DtR3Jn6JM7LgjvYH-1TJxLm-HgbCZABIfo1YGW8k2mgfSfYy9LPkg13k_E_Rvt2yBO0OUeKRhW3dctiMPqrHAyGhX9Ek4tGiH-46HkoIQkTre_UtrIo_q3mLcuQCaQVMtymYzWLJIt21nu3k407pDHdinebCNevkCnIR46V79PpEdOr8VgNSw260HPQiN-u20t6DAOsqX8IF27JLqM-aOZ58uQnCgTGA5bHRMYAGwJPM1MFlXN1vBceJsR_AfF3BO555Bw-EdyBzEgjC_zoSvScvKwe0whCwkOiVxQVFGN1nhq3owai1VdaGao6YC-OlwUrIq8U94HeF6GIO5-zKo4m8sZmKAOOte24fa2AwCDbPEY9DTir56lWPh5wXAx17a0ftfz0JGRwQFVfgQE67IYRZpKccHwcaayWq4oXkqZUXn_6AKjaZdHk8prsAu0zFHEAh784Mb9CDcdb4icp7fv1iMx85EvFTOB9wSh43cQ3oT45IDvwQsPZlwXuxXz924ZqrD0lp_KfVq9vENlx1AAfHAfAgVdbbOjEVodnTsHn4rJlcg_XgOtN45jtTqaN_XbHknH1pnQBAXwXLmIwB-sZTZGbeDaNpha38-OuDc0g1lz5DUYHmCxkAylVp4tgEPecrtIVwN-ON_D1vE2QpnEW2dI6FTr4hwYt3BTyh8OQ85tUSrWeVAiUT1EvSJV5kQZpBhK5C50hhu97gT0L2AhFZ00jmbVLANUDbBZZiUw5QX7GFpmFSV3VaDybsUzQTdI1cQTqr5bPwv1hgywE0DHAWrDZ9ttfKCIyA5FCzY7pqcvdKjLpoipf04LaguD0fZlCkTXnRQY-yl5WZDPz8uCqlKn7wySeQeSoZRRTi6y83BJjFKING6Iqy-3zQuCiBy_Yr1Rm9WDALA493c1_LyJdiFpCjiIKoc8JDcXEWBm7Olw_EwFukMJKqbfp28Ko8PTE6h9RodyS5Z94JymDPWbHd1qYu6aPdeEpCp_yNgxE-oIkxr574bRPWCoTRM268LLhscw4ZqPYKqcar2JllhaWYKDfbEltt9N3GaRWFT36tJYarOP0cMfw4UPmaLKDWcrcRBtuo9qyLgp2GL8bPRQ5vBrqsCcYJ1mwCXrzbnJKz8kxiw0YYp23An62E7W4U9AKJgBlSNytgZoHccPap6rTolCTYBNyHLt44OMd4cQ7xYLgJMsYDDk-w8WxiDMFZ5Dh4HbiwIT4vL-cqZtb6kXQsHufqzY_Z04TbqeUV8RzGhW2p_tlHc6i8axJFnRmMoS9cnZjKTLQKboOzTkXdBqhSBBrwX_BIE9Ht3rwWvT8t3sKYhnDA68kqhGVZLso9BBKZcKSJbf6EXMX6nU5IK1DgUIx1h0DYSp4m1I-OE5BBqSedq7D-08ltN7KsPJFxQjsU3xZP9DfVKbyy0d0CfhBHuXK1wBDYprZ3FPlBKwOPsfYt5RbjU7buqDJLNQfrAa5Kyddne8LNVsJ4_DX9S3sOTmYDecrNnHAlMq4BNdeVBs22z2CNVrh7RcvRv2M9MTzelmhCRkiJjw7nkpbhQUWZ6AegbZJrVt6xnPh28fdj-dGGJgvllBgRy0xJ6fNjhHcw5WiIxYlv0dsbKdeCxIj8DfMLgr8fegwfAjNcXZU1ba1AXhZsBIDUvlFcWW9uF4ezRCbQ0jut41hqR16fCkTHRHuqRB4VV3btcD7TmU_y_vRdx4ltylHs4mZ4lZJVP7mkiRdXWfWDqCVDcuQBIep09ajYlRAgPXhZaLaxZ2I_e2Og_eL9HKrW_V2uCi_GVlRwjCVrWR5ceAKhVp5LHGA1IjEydfMUb7jjR8VhmIAmlSLzuxn9L3dHwZHzR_9ZAK_xH46l2jv5DrA8mnJuV5a2bFc--3DrGq9KVnS52l-OWurew4Smnfz42HCB8c6r7QKoDDwdc8K341otu0Cm7lzOnUoPcav8tBYYmrCfssqY1Z1Y5lLOCC4rp3kpMOde9Xk6RcmvKLuWmVOuijumdg3Nox9LADPY8PC-wGPQGidl10DkWyUpY1JXSBsO6HcWyiTIWgxgpIftSqYEA3za-8hknaR9GjXo6EkSbAgcdsDyLwdAEm-D_Fg6bOm0ZoafovkYg5W0toeqHdvCGNEg34ZyL4J8LSXEgiIa-9EPf_a2qnnl5aA99Exb703RlM9wnI9cBzazJXC3dSIXtzmDynlgjPPGInRRkzL1ExC1rlVGoWXXxyed_PygCvPN-XuWHskoo9LXIlAsAAdBJWRptY8g5xqydZqa4WG5dGNBD_gGVmQeWWCZmFU1dUA7KJPoKsrz0d6a0UTxW3QGLlrIyj9OOcQkIjtVHaGm4i5vYY2L3RAjql_JZZLmYZ8rxSJQqvPBJtpn03GgdrU89a5Ddx8opLLtMpdNCz4tEzN-9n1B8jrHOYeYrjv3qe9dmCkNAtjU8eY7Gs1vyNMH4RG40l1fKFdiwvoTIOt6rlJT3MdTa5kjvIzkI9VTTfSzil16mUEgFDyN9iMZyM6-Poc2ILZyqkyfn_ZqWHDw-57SFPPdCRgGyBfwHPPsvboJwaK7HU1YzyVrWmLuHRuNla-OFaYxMgm6C_iABC7Wmevc&cid=CAASEuRoGKRHURNf3U6e0P_ikYjaJw&pr=13%3AYx-mowAAAACuFADq_3QjWWBanMjHySJMBgavKQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c372dc88a373bcf1f00dedc239696c270978dedc74adcb49bc659a233070f6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16492
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 874E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqSFOo6YfY4GxEZL8nwSI6aLgBZ6hoa5cofno_p8DwI23ARABIABg_eiigfADggEXY2EtcHViLTM2ODY5ODE0MDc4Mzk2NDKgAafKkKcDyAEF4AIAqAMBqgSyAk_QdxkM3IY_xYND7SX8pus2BPdsZgR_g0PDT89gRGG26l-K2mHAZpG-1mb4os9GgXZL3FyCeKv9kLNxww0KFf_yvk6ctn-hL_8x3asEHFdxUav7SXULC-XwPivMiA2ehNsFsvhCj6k-hj5sssKfPznIgEQ7OijTLL--Am1gh1id7enuq5hVhcuVjfB4BvY6gd8xB2rIzJt97-Nm9YrHz3vURGLHMpyZzt-yvK3-Bijo4y_1hpsX1DU7Ikm7d6KJzQfTALux2a-EdoI2sDx7HPYVm3m4OKq0VmddwmrfKTMrjVIJ06CbaMEedpSwTwYf_kg57j_8PoFIfyRklrI7zl9jaV-npJwq3DLAG7Sq4nFfZ2_hF7lyKmuImOzH2D34isJeTMLdm_CKr8x5ksjHnZoLruAEAYAGt8z07paz7ontAaAGKqgHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM2ODY5ODE0MDc4Mzk2NDIYyPoa&sigh=BRZ5stK7zEI&uach_m=[UACH]&cid=CAQSPACsnQUxWjuNOOc5MdQ294gZYR8lqK20iG64rtVmtcUwEWwV3YEAqWuzR3FvgoLCog4RdgKTNFj1O-w0-hgB&vt=10
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4BBE 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 874E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3062d58a1af9262d5640b9c41f166986f546d50e0e47e66a4c23819c712b422

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2C23 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:52:10 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2C23
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/398E424304BEC627AA74A090A5DE9AA3489EAEC7.3B9C68996A10875090651A936BF0203C27884AB2/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2128698
client-protocol
quic
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Mon, 12 Sep 2022 21:37:40 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/398E424304BEC627AA74A090A5DE9AA3489EAEC7.3B9C68996A10875090651A936BF0203C27884AB2/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 302E 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06602F2DFCF399436B270A36D6CDB0E006D15259.4C5EABF691B51A3D181DE4607DB96DEB8FF6B235/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2128697/2128698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
expires
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
client-protocol
quic
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 554E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:52:10 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 554E
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EB13BEC52EDDA67CE11FDEC771BA4F6E81099FC.590F643730EC2A8029876F13CA21F8CE25C9D8EE/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2128698
client-protocol
quic
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Mon, 12 Sep 2022 21:37:40 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EB13BEC52EDDA67CE11FDEC771BA4F6E81099FC.590F643730EC2A8029876F13CA21F8CE25C9D8EE/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AA86 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2BBF78F5D7266041D7575C84E977110E50674CA8.6A2842D9BEFD6A42C3E284E82A62E8487FD430E4/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2128697/2128698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
expires
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
client-protocol
quic
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4BtOqMYwUkA-ozC5geqbnkin9UVbAHLUGWKwLIemg3olE8R_i8hnPpr_WVRVwPzWNKFB3XhST2KcUxB0ullwuY-2Wry_gvO
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4BtOqMYwUkA-ozC5geqbnkin9UVbAHLUGWKwLIemg3olE8R_i8hnPpr_WVRVwPzWNKFB3XhST2KcUxB0ul...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4BtOqMYwUkA-ozC5geqbnkin9UVbAHLUGWKwLIemg3olE8R_i8hnPpr_WVRVwPzWNKFB3XhST2KcUxB0ullwuY-2Wry_gvO
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4BtOqMYwUkA-ozC5geqbnkin9UVbAHLUGWKwLIemg3olE8R_i8hnPpr_WVRVwPzWNKFB3XhST2KcUxB0ullwuY-2Wry_gvO
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:40 GMT
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3w...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3w...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3wohnmRC10g0NEfC1wg&google_hm=MDYwMzAwMDJfNjMxZmE2...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3wohnmRC10g0NEfC1wg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4ChCj6cFfC9Z2GmNkAlWFQQboxZe06TzumSrlfp5SnEpKqrW611-grkBqr6R_vOXiIJXAQvo1mj3wohnmRC10g0NEfC1wg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Cbh3p1_cEEmsDaYHRCeEheGEpdIDnys9r_t16s1_hzscxq0JPTY_sBuavs1GzCfJnityfMAAs1e7Kth0zr-o0f3nBJDd30
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Cbh3p1_cEEmsDaYHRCeEheGEpdIDnys9r_t16s1_hzscxq0JPTY_sBuavs1GzCfJnityfMAAs1e7Kth0zr-o0f3nBJDd30
date
Mon, 12 Sep 2022 21:37:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4BD9HrpvEOTzEV7Y2GR1jWQs-BEIlHW_kQqnd_xzR4PmFa1OcxrdaC5IlwC9bxlpsfmg7sJYwuRb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4BD9HrpvEOTzEV7Y2GR1jWQs-BEIlHW_kQqnd_xzR4PmFa1OcxrdaC5IlwC9bxlpsfmg7sJYwuRb4lnEiuWjn61fjFNFR-1&google_hm=5c63b8fc-35f1-4969-a1...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4BD9HrpvEOTzEV7Y2GR1jWQs-BEIlHW_kQqnd_xzR4PmFa1OcxrdaC5IlwC9bxlpsfmg7sJYwuRb4lnEiuWjn61fjFNFR-1&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4BD9HrpvEOTzEV7Y2GR1jWQs-BEIlHW_kQqnd_xzR4PmFa1OcxrdaC5IlwC9bxlpsfmg7sJYwuRb4lnEiuWjn61fjFNFR-1&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4Bg8lB8_AdmJTfXyPENOS4pMhhZIBp68mBCeVbnWPRU_dm7VOqen30MGXCZgP_A0LYt8EP7Oz7P1hpKAdtRN...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Bg8lB8_AdmJTfXyPENOS4pMhhZIBp68mBCeVbnWPRU_dm7VOqen30MGXCZgP_A0LYt8EP7Oz7P1hpKAdtRNkB2dSbV9HYW&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Bg8lB8_AdmJTfXyPENOS4pMhhZIBp68mBCeVbnWPRU_dm7VOqen30MGXCZgP_A0LYt8EP7Oz7P1hpKAdtRNkB2dSbV9HYW&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Bg8lB8_AdmJTfXyPENOS4pMhhZIBp68mBCeVbnWPRU_dm7VOqen30MGXCZgP_A0LYt8EP7Oz7P1hpKAdtRNkB2dSbV9HYW&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4DH2FTJAz3uJJG7qHuB4No2woTOBd8iQrxeaDVTcCcH5BaWdoOClflMy4ddtZcAhaw_OMSFZ8rzMi89kSrJ16hMSdoOLF42
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DH2FTJAz3uJJG7qHuB4No2woTOBd8iQrxeaDVTcCcH5BaWdoOClflMy4ddtZcAhaw_OMSFZ8rzMi89kSrJ16hMSdoOLF42&google_hm=ZzVjNDdlNDgyMjIwZjRi...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DH2FTJAz3uJJG7qHuB4No2woTOBd8iQrxeaDVTcCcH5BaWdoOClflMy4ddtZcAhaw_OMSFZ8rzMi89kSrJ16hMSdoOLF42&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DH2FTJAz3uJJG7qHuB4No2woTOBd8iQrxeaDVTcCcH5BaWdoOClflMy4ddtZcAhaw_OMSFZ8rzMi89kSrJ16hMSdoOLF42&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 88A7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4BBcys5WlTSLKKp-tHa8eUYgkB2knoS33R23UB4yFgaGl1JNr2I4rAi2lpvTtwQHMM_CJaTn8YfDDexZOP...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4BBcys5WlTSLKKp-tHa8eUYgkB2knoS33R23UB4yFgaGl1JNr2I4rAi2lpvTtwQHMM_CJaTn8YfDDexZOPxAN-dUdV0h...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4BBcys5WlTSLKKp-tHa8eUYgkB2knoS33R23UB4yFgaGl1JNr2I4rAi2lpvTtwQHMM_CJaTn8YfDDexZOPxAN-dUdV0hS_ZKw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4BBcys5WlTSLKKp-tHa8eUYgkB2knoS33R23UB4yFgaGl1JNr2I4rAi2lpvTtwQHMM_CJaTn8YfDDexZOPxAN-dUdV0hS_ZKw
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 88A7 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkhWmlOw8m9pGiQS-8KTen0C0HClnpYflULFNBtcRICm1iKPvsmF5DZ4p1SxIy8pZW3J2Hpg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6555 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51539FA3EE14AC31E742E1D5083A91C464C78278.25EA88271658D261AFBCD79D9E6A94EABA8444ED/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2128697/2128698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
expires
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
client-protocol
quic
event
scotiabank.demdex.net/ Frame 9121 		42 B
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=176723443&d_campaign=27093947&d_placement=327003514&d_site=3375178&d_aid=6105106&d_bust=1960405216
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v036-031aebc61.edge-usw2.demdex.com 9 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
186ZeYO+TpU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
index.html
s0.2mdn.net/sadbundle/6737885940087259136/ Frame 745B 		85 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da0808618d655d2511fe6e643000875e3e97983b03d15b7d4117110438a1f152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
408836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
10552
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 04:03:44 GMT
expires
Fri, 08 Sep 2023 04:03:44 GMT
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9121 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZmwdOgpOqjJFDnoPxRLTRj2Z_kMBRxoRPaL7Y_QS5YThiSkNvAzifGgFOwnlklYfIZ7GDvgFMWmgxBaTr0WJomBC6xuOWV29OCCMCSuMU2ZimLN0tkwAjVQhuEz_7yGqkgvM2ZiLWfrx0Q3Rc81KGhxDBOt1f1lx7ZY1ylpN1C11BEBDxYQGT5gGBdhEWO4cFfRnmJcI-RC0y2WMG61ZQtb_JtlQxOYQtSRuS9reZANsyzVujGOcaGYrNevVkEw0tzd1pHgU2uy5h7Mp68Z2WC9pnXxOp3MWJuJINHGnzDlTrc-1DvpKRQTaQPotQUyKHrl8Cm6oUuD4_Zkifoji1bU1y3Fvd4TFb9yDF9pJEAjK9lG989s-QhjCskXtmLQipyRYno-2ImfcACUIqNJNGKWGxxqxgyUnrIW0VAgMnBxbwbpUbSuh7BJW-bLoTx0tHC4uZ8bkAe0KvCH3aZzutnnwaJC6iezzdGVjhfku55IhOuqYn5DVt8va2Cga_qZkFCvNS4zL20H-BEZD6ZPD3by6Uq9HspbDBrYtRtK3mW7EJkg0oBHVZi7sGgkkxpOgyfqe3ndomcHZZ1dyVshcV3LY-zLCSumLsikY2V-wc8KLcb2N5ngAXFpFPbevnzNXkpbCIsU76qqY5ler7qEIlBSA2tNX_nnI3aCL5FRqDCBvrmxpwFK_pDCkD_YAmh4vXubqSK9X7x4ZWj2kyUVq89fNtDhCAcvNttQFiINtv1Hv0yNfx7ZpKTkIysxeSaiEvaGBMdGGnyRIaftP4hj6jyLG0Ww2nhjMixubngGu_wyBvqX3PQnlPwOAuq625UTrjYvdJUlDiZgHB9vKK47C9tqpLD6JJeUu5hxkIU-c5gRANAbB5Cn7laLpygDBy4RgIDP-h0917Q-pas6Ncd_574uYDq3RSSexY1EOoDAPQigAtEUjjAB82nPSHVRjwteXUxmFzwNenr2tHSSIFY9o6OQ9be3pX4-Dqwz6li_0l8Bu-HFs4D_V5GDoE4Y_n2q6Ipht9elUxJlYAkcblsZ8uaoIug1Tp0ysf9qBOClpVvr10XZ25FieM_1VUooev58WJwY0XZJukyDZlrC5THESMyfEoVgs9GWTMiZPFWnLDhftHFns8qJWrcJ9aRlbNbYoKxi1tHng1zckQMFobWCXmVGbZ_q1e_Za_U2H0Cu_9LrsvFZH7yX0duBKIbYgQ_SCcnIbnxx9BVKriJZ2VHQAkEgKWH3ellkKCED70UZqONpM6dNkeFWGim92n2g&sai=AMfl-YSY-7a2rqngsPVG3lWhB13Xm9iyMwWZ4BappiLsbOnTz0oi0Gxc3p-18BisbhM4VxSJ1_4y5NLT8t6KXDceHsT_VseZ6TGleiibXZuRXzWGNJi6mt7bldWKJF8uxclSpGwZ6N-ff8I9Krc-Dy86yUFggJIMENDV39ptyq1CEZuykggC2VsVulQWMZRquzzMzsS-58Z6Hey8uV9pKAj0b9kDuC7fvwTiBhh-SWdIDcKlqY8&sig=Cg0ArKJSzIVI5fiKjxx3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&cbvp=1&cstd=192&cisv=r20220907.14404&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 12 Sep 2022 21:37:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4DBbbz8_assgs6QxeunFVVLm8atcyzXv8YHrqqbHeigbCjRTNhD1Gl0Byf2aL0e1uXhE2HZCw7OLuohUnuD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4DBbbz8_assgs6QxeunFVVLm8atcyzXv8YHrqqbHeigbCjRTNhD1Gl0Byf2aL0e1uXhE2HZCw7OLuohUnuD2BsSYDph...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4DBbbz8_assgs6QxeunFVVLm8atcyzXv8YHrqqbHeigbCjRTNhD1Gl0Byf2aL0e1uXhE2HZCw7OLuohUnuD2BsSYDph4ncR
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
MT3 4505 5b23575 master iad-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4DBbbz8_assgs6QxeunFVVLm8atcyzXv8YHrqqbHeigbCjRTNhD1Gl0Byf2aL0e1uXhE2HZCw7OLuohUnuD2BsSYDph4ncR
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:39 GMT
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPes...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPes...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPestcAKQHLdzzs5SYeoM&google_hm=MDYwMzAwMDJfNjMxZmE2...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPestcAKQHLdzzs5SYeoM&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CK0Xq3tQC-akf3gXfi9CgmV4yrA49HwOsDbzOQh01kimt1pb1Gw94EnZP14GCPIxSLdXdFq1lPestcAKQHLdzzs5SYeoM&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4B3PyKyatW9evVBmhtksbPZCNrP3CvwauwV71wAmwBAvkrjRl3QK2BRR0Egcd8-jcfTQ4_Z_iVW1QIeNPwkjmoZ1kOEbGU-
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4B3PyKyatW9evVBmhtksbPZCNrP3CvwauwV71wAmwBAvkrjRl3QK2BRR0Egcd8-jcfTQ4_Z_iVW1QIeNPwkjmoZ1kOEbGU-
date
Mon, 12 Sep 2022 21:37:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4CaV0-SaoyS34kiC0iJ3wLWVXrIZFNL0OGPpgYRbaSI-qc6KJzqzj8AYI1WkJkJA8SZbcBKBpACul...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4CaV0-SaoyS34kiC0iJ3wLWVXrIZFNL0OGPpgYRbaSI-qc6KJzqzj8AYI1WkJkJA8SZbcBKBpACulN_-AP7BPoeQ_NdHQml&google_hm=5c63b8fc-35f1-4969-a1...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4CaV0-SaoyS34kiC0iJ3wLWVXrIZFNL0OGPpgYRbaSI-qc6KJzqzj8AYI1WkJkJA8SZbcBKBpACulN_-AP7BPoeQ_NdHQml&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4CaV0-SaoyS34kiC0iJ3wLWVXrIZFNL0OGPpgYRbaSI-qc6KJzqzj8AYI1WkJkJA8SZbcBKBpACulN_-AP7BPoeQ_NdHQml&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4B-KTYX_TYAUoL0gs70xeewyNeMsqSDvlKZsGp2tjRfNS1Jad3MQRzvVGIH6PE6ZRssBolp9fa81UxQKj8qp...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4B-KTYX_TYAUoL0gs70xeewyNeMsqSDvlKZsGp2tjRfNS1Jad3MQRzvVGIH6PE6ZRssBolp9fa81UxQKj8qp6vnriGNerMw&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4B-KTYX_TYAUoL0gs70xeewyNeMsqSDvlKZsGp2tjRfNS1Jad3MQRzvVGIH6PE6ZRssBolp9fa81UxQKj8qp6vnriGNerMw&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4B-KTYX_TYAUoL0gs70xeewyNeMsqSDvlKZsGp2tjRfNS1Jad3MQRzvVGIH6PE6ZRssBolp9fa81UxQKj8qp6vnriGNerMw&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4C28_YE5AJiCDzvEV_mowO-wmeGDP_yALh3vdgK0EdBtlCfjx6hyULaohyxRMUxnCD75zERJ0chbYdVF20i85jfLZpMMKNI
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4C28_YE5AJiCDzvEV_mowO-wmeGDP_yALh3vdgK0EdBtlCfjx6hyULaohyxRMUxnCD75zERJ0chbYdVF20i85jfLZpMMKNI&google_hm=ZzVjNDdlNDgyMjIwZjRi...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4C28_YE5AJiCDzvEV_mowO-wmeGDP_yALh3vdgK0EdBtlCfjx6hyULaohyxRMUxnCD75zERJ0chbYdVF20i85jfLZpMMKNI&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4C28_YE5AJiCDzvEV_mowO-wmeGDP_yALh3vdgK0EdBtlCfjx6hyULaohyxRMUxnCD75zERJ0chbYdVF20i85jfLZpMMKNI&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame ECBB
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4AKxS7k-0An0zT-Nx8wcUEdn4V-cVTO9U-1GvdM9Z0bSkIkTmpERgi6HQu1c8Xe57CZS3ZxiR7WxXGT9of...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AKxS7k-0An0zT-Nx8wcUEdn4V-cVTO9U-1GvdM9Z0bSkIkTmpERgi6HQu1c8Xe57CZS3ZxiR7WxXGT9offYsP0dwFP9...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AKxS7k-0An0zT-Nx8wcUEdn4V-cVTO9U-1GvdM9Z0bSkIkTmpERgi6HQu1c8Xe57CZS3ZxiR7WxXGT9offYsP0dwFP9fZfJg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AKxS7k-0An0zT-Nx8wcUEdn4V-cVTO9U-1GvdM9Z0bSkIkTmpERgi6HQu1c8Xe57CZS3ZxiR7WxXGT9offYsP0dwFP9fZfJg
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame ECBB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSJF1A0-sbYTlsS7hy0HyFlSFSc3nWl3ow7zhS3vlE6bvfGnoWGBJqYzmCszs4PPSbvWvWRw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9121 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 16:41:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 16:41:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B0B7 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 17:45:23 GMT
etag
48472445140208031
expires
Tue, 13 Sep 2022 17:45:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 874E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 16:52:10 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 874E
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/69761A3DA7135ED46F4AD1B60D2F28ECE748816C.35F918E7116526665AEF1A4F4E398097677CDF93/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2128698
client-protocol
quic
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Mon, 12 Sep 2022 21:37:40 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/69761A3DA7135ED46F4AD1B60D2F28ECE748816C.35F918E7116526665AEF1A4F4E398097677CDF93/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9121 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1960dfa70c257a068b526c07ffcbc502e0464e5567e2d0720db48e3ba86f4a39

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 925B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 50A6 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
276329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 16:52:11 GMT
expires
Sat, 09 Sep 2023 16:52:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 102A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0980 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
276329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 16:52:11 GMT
expires
Sat, 09 Sep 2023 16:52:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4B6o-ob-YHk6uLb-SLFNxp_YU1vwq2-os6LoCJmVQ-KzH3Q-JujalmA-1_6oaSV7h1shLC9kH3h-jVY7Rom...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4B6o-ob-YHk6uLb-SLFNxp_YU1vwq2-os6LoCJmVQ-KzH3Q-JujalmA-1_6oaSV7h1shLC9kH3h-jVY7RomPrCRT980...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4B6o-ob-YHk6uLb-SLFNxp_YU1vwq2-os6LoCJmVQ-KzH3Q-JujalmA-1_6oaSV7h1shLC9kH3h-jVY7RomPrCRT980Nd0OFQ
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
MT3 4505 5b23575 master iad-pixel-x32 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4B6o-ob-YHk6uLb-SLFNxp_YU1vwq2-os6LoCJmVQ-KzH3Q-JujalmA-1_6oaSV7h1shLC9kH3h-jVY7RomPrCRT980Nd0OFQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:39 GMT
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4AUDvWP1Vm2E-kQEC88Iw-T5Y5IeHpXPHisTJYVIw3TRtpWqhxQ1fKsZfSZG9yjGMct97zY16gyiJ-tx4fSz1jZryg60pa9QA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4AUDvWP1Vm2E-kQEC88Iw-T5Y5IeHpXPHisTJYVIw3TRtpWqhxQ1fKsZfSZG9yjGMct97zY16gyiJ-tx4f...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4AUDvWP1Vm2E-kQEC88Iw-T5Y5IeHpXPHisTJYVIw3TRtpWqhxQ1fKsZfSZG9yjGMct97zY16gyiJ-tx4fSz1jZryg60pa9QA
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4AUDvWP1Vm2E-kQEC88Iw-T5Y5IeHpXPHisTJYVIw3TRtpWqhxQ1fKsZfSZG9yjGMct97zY16gyiJ-tx4fSz1jZryg60pa9QA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:40 GMT
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocK...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocK...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocKEM90X6oxuzmOmWuvky8g&google_hm=MDYwMzAwMDJfNjMxZ...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocKEM90X6oxuzmOmWuvky8g&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CdV34nAXD_jL2Kjm9B6pBGB6PvNIu248rAn0I4YanX18pLbCZIr3zbGfUcYapD57MYjiNYPOZocKEM90X6oxuzmOmWuvky8g&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEARf4h8jkzLbHxfH613lq6k&google_cver=1&google_push=AehlK4D6cqldnwM2UXdKT-aWmPre20c2fmgaAaFkSKeMC5C0RsIsN9_AjoZi14uqpqBY2JUWqMy8Fbvxb4oaiKCR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D6cqldnwM2UXdKT-aWmPre20c2fmgaAaFkSKeMC5C0RsIsN9_AjoZi14uqpqBY2JUWqMy8Fbvxb4oaiKCR5yWNjN0ymNdE5w&google_hm=FTkxeLZHR3PtEe5nScqb...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D6cqldnwM2UXdKT-aWmPre20c2fmgaAaFkSKeMC5C0RsIsN9_AjoZi14uqpqBY2JUWqMy8Fbvxb4oaiKCR5yWNjN0ymNdE5w&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D6cqldnwM2UXdKT-aWmPre20c2fmgaAaFkSKeMC5C0RsIsN9_AjoZi14uqpqBY2JUWqMy8Fbvxb4oaiKCR5yWNjN0ymNdE5w&google_hm=FTkxeLZHR3PtEe5nScqbdRwo
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4ADtvVjn8AozKfXeFtsm_BoJVO-OyL9-1tp1YJXbE1YgMUXzO3QqI_v96y4a4BVN6LOnFuqNmbpQPuV1yvVP92HjkVAqzjkNw
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4ADtvVjn8AozKfXeFtsm_BoJVO-OyL9-1tp1YJXbE1YgMUXzO3QqI_v96y4a4BVN6LOnFuqNmbpQPuV1yvVP92HjkVAqzjkNw&google_hm=ZzVjNDdlNDgyMjIwZj...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4ADtvVjn8AozKfXeFtsm_BoJVO-OyL9-1tp1YJXbE1YgMUXzO3QqI_v96y4a4BVN6LOnFuqNmbpQPuV1yvVP92HjkVAqzjkNw&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4ADtvVjn8AozKfXeFtsm_BoJVO-OyL9-1tp1YJXbE1YgMUXzO3QqI_v96y4a4BVN6LOnFuqNmbpQPuV1yvVP92HjkVAqzjkNw&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIiS_Lim73JJvDJH0upw8KU&google_cver=1&google_push=AehlK4B2nB4QETNL1FHyndXly1lDVXlvVLJZiXfmFKz3k--HtxbZgb9NhZsT2mGxq4yj7eEraM...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B2nB4QETNL1FHyndXly1lDVXlvVLJZiXfmFKz3k--HtxbZgb9Nh...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B2nB4QETNL1FHyndXly1lDVXlvVLJZiXfmFKz3k--HtxbZgb9NhZsT2mGxq4yj7eEraMt6uwjvCDfdNR_1NlmbjsFFgR5GXA
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1raDBiT0FGRTJ1RzFiNS5vM2FxcWF0NXQyeDNIN1VCcn5B&google_push=AehlK4B2nB4QETNL1FHyndXly1lDVXlvVLJZiXfmFKz3k--HtxbZgb9NhZsT2mGxq4yj7eEraMt6uwjvCDfdNR_1NlmbjsFFgR5GXA
date
Mon, 12 Sep 2022 21:37:40 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4BBE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4AChQmPX36cMYrVGLIDYs5t5RllKPzimI6pIyM1nhGwzRL7qd0gksFB04H4u0S_yNJ9hvcpAIkPbBZW3g5...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AChQmPX36cMYrVGLIDYs5t5RllKPzimI6pIyM1nhGwzRL7qd0gksFB04H4u0S_yNJ9hvcpAIkPbBZW3g5RirodWsIMB...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AChQmPX36cMYrVGLIDYs5t5RllKPzimI6pIyM1nhGwzRL7qd0gksFB04H4u0S_yNJ9hvcpAIkPbBZW3g5RirodWsIMBrm0ABs
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4AChQmPX36cMYrVGLIDYs5t5RllKPzimI6pIyM1nhGwzRL7qd0gksFB04H4u0S_yNJ9hvcpAIkPbBZW3g5RirodWsIMBrm0ABs
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4BBE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iy2IlxGS87Fr1SbOzhiEHx_vax9ZtbBA4KKzURQUcPsDqVMgwS3VplxHoGyeeKHkEstz_YQXM
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 39E4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2C23 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/398E424304BEC627AA74A090A5DE9AA3489EAEC7.3B9C68996A10875090651A936BF0203C27884AB2/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2128697/2128698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
expires
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 554E 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EB13BEC52EDDA67CE11FDEC771BA4F6E81099FC.590F643730EC2A8029876F13CA21F8CE25C9D8EE/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2128697/2128698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
expires
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
client-protocol
quic
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 43F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
104181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Sep 2022 16:41:19 GMT
expires
Mon, 11 Sep 2023 16:41:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 52BA 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
276329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 16:52:11 GMT
expires
Sat, 09 Sep 2023 16:52:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7187f0fa.svg
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		492 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/7187f0fa.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b74e688e7c657a53478003583dd789e4a5ce35161c3f62b80745fe730b77bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
fa5fb8b3.svg
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/fa5fb8b3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b40c12b01d7dd928361aad83fb76e10878527f3b048cd0a4a4aff3ec8b85d9fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
635
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
a94c3b60.svg
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		1 KB
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/a94c3b60.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f16f0898b02a9df6ac2f9888ed88b4f63976e512e9fac22c8d468cf6877b605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
561
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
04b90d3f.svg
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/04b90d3f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861cae0f0baa045f169177b9b6dc775cf1ddf7d64bd6fa7b71714d2e5090cc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1174
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
5b47befb.svg
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/5b47befb.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017f77dad35bc8628746a941c5b85ee4fb206c73f7abd23e1503fadcfdc734af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1106
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
f1c37baa.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/f1c37baa.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9996503dc034049902e13428f941abc818f75a6257878a261acc3b2206dc61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49977
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
1d3369ba.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/1d3369ba.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74a0bb4b168036229890aaaa5925e9fb3a9da1ad289bd8fa8b147d1eed228f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28915
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
b5fefff1.svg
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/b5fefff1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503ecba2019c7935aecb5a6322e359ec4e781280c3e700c6d2b81820fdbc1bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1664
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
b8a8197f.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/b8a8197f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17af77bc8a8c4df507e1e323baa8086b2cbac1543b4c0a0ba0c54e4f7477712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
5703ff22.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/5703ff22.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea2700c50c47911cc85379e323d077ced4853bf5f776b2dfcb308748c68df57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2880
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
2b0c576d.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/2b0c576d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14d8bf0dbbbd2b1041768672acecd22f2d1c921179c364f979226f9e8e4bbaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4357
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
587dc9a3.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/587dc9a3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef95f9ab874918e09b109be88846dd3b57b296faf7d644891a624cf6d0ef72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1334
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
1463d017.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/1463d017.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a8127e877302f5c80b8336461578a57fd620583b577732f1ab3adecc64bda89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 04:03:45 GMT
x-content-type-options
nosniff
age
408835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2480
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 04:03:45 GMT
6203b608.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		191 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/6203b608.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5569fb0ef5aa9ab3e4907eee446df7f6e438d9db0a2aaa390de52c07521cb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
6d9e2591.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		289 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/6d9e2591.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3e26116a04210351c613630d62d53eae8ddff5732b0400908365e14c486a119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
af9dcf59.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/af9dcf59.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f937aafe633a61af40ac179b3d30138d38bae6db00fad23d3d097051a6264bab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2841
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
3c1d2fd1.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/3c1d2fd1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d516b466e5be3aa441eb4c15a3053c21c5ef8785c2cf897a1aa8f026914497c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 04:03:45 GMT
x-content-type-options
nosniff
age
408835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5278
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 04:03:45 GMT
e27b25b4.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/e27b25b4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
227888aff947abc754cd2cbdca5d2dffe93024b7419d83aeaad82628043fe34f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1375
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
51935e5b.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/51935e5b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7040a95241334b35cc780029a4054550bad90516547c24c048d2b4d931a2855f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2319
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
d2122f37.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/d2122f37.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b24de91d4697e55dd002f6f0ac1049206eb08b382cccf155d962ef9363888cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3045
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
634ef764.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/634ef764.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff08ac0fc82bb0dcb472234e6bb22fcd57bf42d87cd5585c24f559efd5b87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5034
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
df72cb16.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		218 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/df72cb16.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4259fe0dc98975565d11468ea0df376ac6de525f688f94bdf544ba11cdc51929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
218
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
4f5ecab1.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		366 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/4f5ecab1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3db6bc8ca6a59cbb02cc8915700cc1c30af7594d83cbc2bcc97050dc1480a548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
a0273d8e.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/a0273d8e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71d7689112b1d50c87388ffb8c35be3de6a3e85110123063659367c635dac92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2037
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
829a6ef5.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/829a6ef5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2cee63b50ef1b6a38cc8984bc9cd87c778b139c98d92da531ab42a93d858aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4418
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
77e304ba.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/77e304ba.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63c0b99071a06fa47b9daa07a98730e604f630bccb2f4ad0b4eae0ddd525b1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 04:03:45 GMT
x-content-type-options
nosniff
age
408835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2066
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 04:03:45 GMT
679d68d9.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/679d68d9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b4361ce44891ca7652187952f7fcb88173e9fb17d370a190967211f98d770f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:25:08 GMT
x-content-type-options
nosniff
age
752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3477
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 21:25:08 GMT
00868780.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/00868780.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed872ca1c35cd9bced9a8f847d829e1a18cc87944ce1dcfbd7c566bb837dd1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2579
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
42680dd7.png
s0.2mdn.net/sadbundle/6737885940087259136/images/ Frame 745B 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6737885940087259136/images/42680dd7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487934ae454186fa5ebc9672fa64ed470a4c6e40215c271837d6730956ad8dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6737885940087259136/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:08:32 GMT
x-content-type-options
nosniff
age
368948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4577
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 14:17:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 15:08:32 GMT
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEINQxf5LYN0nS5RUU7NlIoA&google_cver=1&google_push=AehlK4AULn9VEh640-h8sl5vUyojqDdDMAccwAgzrC6mLEDdUFA-nbfedEnHdJFExKrvDv5n8SZyr3lpnEm2JCVH...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4AULn9VEh640-h8sl5vUyojqDdDMAccwAgzrC6mLEDdUFA-nbfedEnHdJFExKrvDv5n8SZyr3lpnEm2JCVHDrCSGsBi...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4AULn9VEh640-h8sl5vUyojqDdDMAccwAgzrC6mLEDdUFA-nbfedEnHdJFExKrvDv5n8SZyr3lpnEm2JCVHDrCSGsBiIq6Vcg
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
MT3 4505 5b23575 master iad-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=M3RjH6acTwCFSAM6Eob--A&google_push=AehlK4AULn9VEh640-h8sl5vUyojqDdDMAccwAgzrC6mLEDdUFA-nbfedEnHdJFExKrvDv5n8SZyr3lpnEm2JCVHDrCSGsBiIq6Vcg
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Sep 2022 21:37:39 GMT
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMWoS1DT6QcYlXOUx_4KM8o&google_cver=1&google_push=AehlK4CBcAC2kvi17-i2e-UnFRNcMWuqOfP527y_95O-5e4o6653Iru_lvXaz4M_KWqdaQu1P65vm-qZT8RhO2y-kSSHrEOlSubRNA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4CBcAC2kvi17-i2e-UnFRNcMWuqOfP527y_95O-5e4o6653Iru_lvXaz4M_KWqdaQu1P65vm-qZT8RhO2y...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4CBcAC2kvi17-i2e-UnFRNcMWuqOfP527y_95O-5e4o6653Iru_lvXaz4M_KWqdaQu1P65vm-qZT8RhO2y-kSSHrEOlSubRNA
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F544501480B4ED1A98BD63E61B44B8D&google_push=AehlK4CBcAC2kvi17-i2e-UnFRNcMWuqOfP527y_95O-5e4o6653Iru_lvXaz4M_KWqdaQu1P65vm-qZT8RhO2y-kSSHrEOlSubRNA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Sep 2022 21:37:40 GMT
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFm...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECZLctm08ItRqrWAylNUhd0&google_cver=1&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFm...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFmpZPATz286LlXGUr8lwWg&google_hm=MDYwMzAwMDJfNjMxZ...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFmpZPATz286LlXGUr8lwWg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DU2tkPXFlMAqbWFYm8UOfp1heHvf36pTwm3qNLWj8hxqK2TfgHsbbX7DNUvvJjUiMMR249VHeBFmpZPATz286LlXGUr8lwWg&google_hm=MDYwMzAwMDJfNjMxZmE2OWIzNmUyNQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CvPtMDNzcxoIo_fyeHkw17nYHhzZG3iD_vz4Jl3ovp_fu02zUsMYk3aoCjn5nArczUJHyqJMqM__ET-GgqVRDGs0fyIWZWTA
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DGV5nK2qQQiokDCyV_xDHQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4CvPtMDNzcxoIo_fyeHkw17nYHhzZG3iD_vz4Jl3ovp_fu02zUsMYk3aoCjn5nArczUJHyqJMqM__ET-GgqVRDGs0fyIWZWTA
date
Mon, 12 Sep 2022 21:37:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4Afzbu0sUDGlX_RyXdyZvx0WhOZKO9DjPyWEfSRkVk2jOLPeBoEisYlJPZG2F4jePl1ffJz-_ob56...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4Afzbu0sUDGlX_RyXdyZvx0WhOZKO9DjPyWEfSRkVk2jOLPeBoEisYlJPZG2F4jePl1ffJz-_ob56k7i2jQE4equu2TinWO&google_hm=5c63b8fc-35f1-4969-a1...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4Afzbu0sUDGlX_RyXdyZvx0WhOZKO9DjPyWEfSRkVk2jOLPeBoEisYlJPZG2F4jePl1ffJz-_ob56k7i2jQE4equu2TinWO&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-12
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AehlK4Afzbu0sUDGlX_RyXdyZvx0WhOZKO9DjPyWEfSRkVk2jOLPeBoEisYlJPZG2F4jePl1ffJz-_ob56k7i2jQE4equu2TinWO&google_hm=5c63b8fc-35f1-4969-a16b-e4efe07de565
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPfjGebC06lV1eEY1djKin0&google_cver=1&google_push=AehlK4CdS-y4kJciG6-KMGBM36McujVrQrd3SFMMfCcMc9CpoDVsQ0skgd55_HFN5fxRV-tgK_X7U-7JER7cPmyld1dumNLsAj7WBQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CdS-y4kJciG6-KMGBM36McujVrQrd3SFMMfCcMc9CpoDVsQ0skgd55_HFN5fxRV-tgK_X7U-7JER7cPmyld1dumNLsAj7WBQ&google_hm=ZzVjNDdlNDgyMjIwZj...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CdS-y4kJciG6-KMGBM36McujVrQrd3SFMMfCcMc9CpoDVsQ0skgd55_HFN5fxRV-tgK_X7U-7JER7cPmyld1dumNLsAj7WBQ&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CdS-y4kJciG6-KMGBM36McujVrQrd3SFMMfCcMc9CpoDVsQ0skgd55_HFN5fxRV-tgK_X7U-7JER7cPmyld1dumNLsAj7WBQ&google_hm=ZzVjNDdlNDgyMjIwZjRiOTk3MTc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame B0B7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEAnbfEsDGdWeytNQhxu7NP8&google_cver=1&google_push=AehlK4Da6TXOER4cgXvOV7bGVqEYYfBkibwp6zPp4jH3JXqqZoeE57KTGbYEtJPJjnb6t1_Rn78SJ9jhGtB13CZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Da6TXOER4cgXvOV7bGVqEYYfBkibwp6zPp4jH3JXqqZoeE57KTGbYEtJPJjnb6t1_Rn78SJ9jhGtB13CZT8iptHUYO9...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Da6TXOER4cgXvOV7bGVqEYYfBkibwp6zPp4jH3JXqqZoeE57KTGbYEtJPJjnb6t1_Rn78SJ9jhGtB13CZT8iptHUYO9Xnzsw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=Bq3hwTFLfUW9wl_pky_iBQ&google_push=AehlK4Da6TXOER4cgXvOV7bGVqEYYfBkibwp6zPp4jH3JXqqZoeE57KTGbYEtJPJjnb6t1_Rn78SJ9jhGtB13CZT8iptHUYO9Xnzsw
Date
Mon, 12 Sep 2022 21:37:40 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B0B7 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JN_TNSXKQaGk1n6zFQScE2nbTqCI8UH0RK3cWK-daS1dC4J2xhmkdkpPgRBn9UFxZEOc6Klw
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
file.mp4
r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 874E 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/b02d3ccd375c0a78/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3799002579/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/69761A3DA7135ED46F4AD1B60D2F28ECE748816C.35F918E7116526665AEF1A4F4E398097677CDF93/key/cms1/cms_redirect/yes/mh/8J/mip/2607:5300:60:7867::15/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1663017785/mv/u/mvi/3/pl/32/file/file.mp4
Requested by
Host: e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::8 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2128697/2128698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2128698
expires
Mon, 12 Sep 2022 21:37:40 GMT
last-modified
Mon, 06 Jun 2022 22:29:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
client-protocol
quic
view
googleads4.g.doubleclick.net/pcs/ Frame 9121 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZmwdOgpOqjJFDnoPxRLTRj2Z_kMBRxoRPaL7Y_QS5YThiSkNvAzifGgFOwnlklYfIZ7GDvgFMWmgxBaTr0WJomBC6xuOWV29OCCMCSuMU2ZimLN0tkwAjVQhuEz_7yGqkgvM2ZiLWfrx0Q3Rc81KGhxDBOt1f1lx7ZY1ylpN1C11BEBDxYQGT5gGBdhEWO4cFfRnmJcI-RC0y2WMG61ZQtb_JtlQxOYQtSRuS9reZANsyzVujGOcaGYrNevVkEw0tzd1pHgU2uy5h7Mp68Z2WC9pnXxOp3MWJuJINHGnzDlTrc-1DvpKRQTaQPotQUyKHrl8Cm6oUuD4_Zkifoji1bU1y3Fvd4TFb9yDF9pJEAjK9lG989s-QhjCskXtmLQipyRYno-2ImfcACUIqNJNGKWGxxqxgyUnrIW0VAgMnBxbwbpUbSuh7BJW-bLoTx0tHC4uZ8bkAe0KvCH3aZzutnnwaJC6iezzdGVjhfku55IhOuqYn5DVt8va2Cga_qZkFCvNS4zL20H-BEZD6ZPD3by6Uq9HspbDBrYtRtK3mW7EJkg0oBHVZi7sGgkkxpOgyfqe3ndomcHZZ1dyVshcV3LY-zLCSumLsikY2V-wc8KLcb2N5ngAXFpFPbevnzNXkpbCIsU76qqY5ler7qEIlBSA2tNX_nnI3aCL5FRqDCBvrmxpwFK_pDCkD_YAmh4vXubqSK9X7x4ZWj2kyUVq89fNtDhCAcvNttQFiINtv1Hv0yNfx7ZpKTkIysxeSaiEvaGBMdGGnyRIaftP4hj6jyLG0Ww2nhjMixubngGu_wyBvqX3PQnlPwOAuq625UTrjYvdJUlDiZgHB9vKK47C9tqpLD6JJeUu5hxkIU-c5gRANAbB5Cn7laLpygDBy4RgIDP-h0917Q-pas6Ncd_574uYDq3RSSexY1EOoDAPQigAtEUjjAB82nPSHVRjwteXUxmFzwNenr2tHSSIFY9o6OQ9be3pX4-Dqwz6li_0l8Bu-HFs4D_V5GDoE4Y_n2q6Ipht9elUxJlYAkcblsZ8uaoIug1Tp0ysf9qBOClpVvr10XZ25FieM_1VUooev58WJwY0XZJukyDZlrC5THESMyfEoVgs9GWTMiZPFWnLDhftHFns8qJWrcJ9aRlbNbYoKxi1tHng1zckQMFobWCXmVGbZ_q1e_Za_U2H0Cu_9LrsvFZH7yX0duBKIbYgQ_SCcnIbnxx9BVKriJZ2VHQAkEgKWH3ellkKCED70UZqONpM6dNkeFWGim92n2g&sai=AMfl-YSY-7a2rqngsPVG3lWhB13Xm9iyMwWZ4BappiLsbOnTz0oi0Gxc3p-18BisbhM4VxSJ1_4y5NLT8t6KXDceHsT_VseZ6TGleiibXZuRXzWGNJi6mt7bldWKJF8uxclSpGwZ6N-ff8I9Krc-Dy86yUFggJIMENDV39ptyq1CEZuykggC2VsVulQWMZRquzzMzsS-58Z6Hey8uV9pKAj0b9kDuC7fvwTiBhh-SWdIDcKlqY8&sig=Cg0ArKJSzIVI5fiKjxx3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=533&vt=11&dtpt=338&dett=3&cstd=192&cisv=r20220907.14404&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Sep 2022 21:37:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 50A6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 0980 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 43F9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 52BA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 14:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 14:40:19 GMT
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3953/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.121 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.krem.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.krem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 925B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BjATQo6YfY7q_Nsb__gS-zoDACwAAAAA4AeAEAg&bg=!AAOlA0fNAAZTikH4c4o7ACkAdvg8WiLRn0alU11IxdhkhUyDrzR5Ixp8MxasCodiorNCkkfV3kvuUQIAAALIUgAAAAJoAQeZAzO5ZSuvoYcjcHmsBiCYV2cgVOVW_M2C3KWzFDoqFj8S85NhGMZe9Hv4cBJFtZbe112GQrBPwjCWmphewE1CBPRO6tFfh1czfC16RPu23F82VUxdtExjJAqgr-H7HqErt9CxudiZ7q2ztIzxzEoSbeT4t_ptjaUjLFOBcgDA4lOZEltHHURV6w8ax_-MQuYS4SsvDWORmUamey5A7oZAaxxPDNYRmo0RLJCsxLe3rCK1MKmU4qqStG-j2bSSZCdE2-uj_Zv-7s90oHcLdLW0JGhv11hfduCwy0rOIarXq1hxK3CnAVSDl56MI4lJky8qfwsYuYiCYaYzvO-Bo2PMMqitMYPS36VWN4a_XWsZLq9wJTPbT8-ieKmXtew-UHGbug2yvBdI3yAAwtJYWE_rKEmoFVRIacHKXQNi_NDsnjRzhmHZnTcyBT_KuEbu-0Q5HoIK0WMeTsROXxhq7y-sF4RhNtTX-6qjRvgdXL1iMpxfNxVfaCmcqUWNTziAaLN7iPDAtKg2s1zuxlXK-eICatupvMBPdcKCGNpB94xgL-N2nrqNJRWRso-deXOcYl0_ID0fagx47X3Ijd74-YINep6VOCj2lfvXixyypuvrDbEQVLZ_wp6FEIKY756erY8mstgTh8qLfbgzxtRD3eLk3Xl2AhpKgS_ekLJb9d40jtxBbE2Ke1zIvMJJHUgD8GpCuuwihH3jlFyzbs4JfBo6N6DPw2bp3J8hXB10bTjF-0Coi0ce1x8z9Gyr7i0k_Zur-QxSpo-SQkfJntSG5oLtpfmE4U1c3a7OQ4-Yiy-Mf3Y45SDyqA2Ui9xXiDX0ipr6yPhGVDNpAGuSMprjFwFmAr0UwzOSAQ7K-AB52csmW3pfYAKoWtCvq69-Q7Fyhr7s21m5TzwqO2S9rb3kksKGqc7eud_tG7dYSTuiUUTmSklenUStvze4A1UCTk7-0zNf1tjfpLCgTZYA-Nlez1fOi-RGq7xN1_awieZVTH5DtZllJsMnMA1vhrPyM-FHTHHRtCzoCGefEwPnvesetISV9E_kPE7N_c0A-BIookzY-X8hVrpKGZWO0q6OO_O5BjsrX76b_Xg
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 102A 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bkrw8o6YfY5HNNsaexAOQ9bDQCwAAAAA4AeAEAg&bg=!HB-lH1vNAAZTikH4c4o7ACkAdvg8Wh7G00uOntu8iCmXyb_g19ozNEVjHO3SN_h1JbAaRJu1mB9k1QIAAAKnUgAAAAJoAQeZAw0MsLdHDJGlkmqWccpaMIh4Fd1bi2TAWoe898ZxOSASGO4JaYbOFCZeH-nCDGq--zFoxxlFNpOuKGYkS0MdZCzVPtRHoosBHDg6gmZyUL6oOajzGnzlOVwCuhyuUZG_5bRlVR3yF02vqkhgo__6L_sNuNf6q3L-0PnNzE9sMSVLKDixorrmGsgj0hwhjUxODrMMn5V6K_BDd7NaVhIFuV4WVJ9le7qrhnQQqKNNczywkXImcBK60Yb0YpLqEZmxSdsKD1oSCxI5VQXxu5a9QW3iJQPlcEZPI9NmO6O6axGjjQntIBOmCcFw1Z6eoYnVBsXbpyy9q6vEIwChM49dqJXqP7PQbx2PpHaMPON6vT7BlBjBof06jBmafH4dv8tH4jZ4E7wtgCzAct6QMxB7VdQ7AVhh7hi7hyPPjS8cGbVv7XtPzbflFh9jY1jHtWuDc8DUHbop_IjBBUDtpDD2CQ6quKQWhZku9j1-XBpLVlcLhQY2TUow2UhkyXvOhMyamTzeBN_ZHjt6vhXoP3ti_BuG88kVfkyEo996HB7dmAB5y5EgvD5TugKO6F9iVAwyixhBhi9YmPH11tcY9KOQQJJXvl_NQrEQgmMLPcWr5z_opcamlSLF4Skz_xTtVQIKEC55CsaTAFCZJ2YEHgl57nexgb7wEzEZh0g2tpNJuQIxNvHX2dJT8LtQMnpuuj2gsooJQd1cM6Tb_Lfk46ds4aKHYjCnQK1n3vZaZcwBlfxv6kj4Szb-wrwnX8tqdjet98zfktrgrvb1WQCU__REI5s_tdOwXZOGROPgaXKa7Yf5vszak1dGQysMxlJhG08_DnNE7UpaL8M4A9zQT06T0SggQt0xH8qU-GJ41TiIflywrw8qDYBQdXM9OgGfpphOg0QfC48CLk3gVwgnpn8teK2PX8pJmUEkHeAx7MhQ96jIEFaZEt6_7H5ghoKAiNO90Y3-4gRGD35saflHu2wklJ96k-CG9n5UdGoaTyE6IUk8bHLOJUBIJ3lEksQduIH8CnCWSzy6AEEJ_uuO6VRm
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39E4 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BBICio6YfY8WcOs-BzwWw76uQDAAAAAA4AeAEAg&bg=!CQqlCk7NAAZTikH4c4o7ACkAdvg8WrsVUSc7zaSYMCSDsV0WAgOORC3fBaV0UUW4-HHVlW23UF15DgIAAAJzUgAAAANoAQeZAwJgdax5UfqcHyo6IdjcLjR13hqvZnIYP9TmBb60UFTokKRODUSb27W5-_9_sxZgrOhcvDFKu2AKKIF5rHYncCHMaL0yP-_cdrZUs29FK6jG914wD3gPyDsPfZpZnARC1Idt9fnnu-6rWS7Xnyr1Ox91aasvgpKT_ZMKCY0MuoEUb8YmV9f6ZOWOugXxIp6Xf499tcB4p-1mFtKl-m6dw-ftwmcQvaSrAn0gslIfkTWPz1c0T1XhZtv7f6_S1IdS4g3HIiXdnOuMmfPPuLSp5uNm0VzZ0aGvUIZBEcsAOM3n0GQ1BE24UKZ9qDPNlD_9_cLcf_g2_MLVbFirWTppYmJOM_APQVW5_vR6rO6Ivd5POnQAB0DlCP9dcOaUrMF3-gdtA0G6i0dkxz22ybR_Z8VGz0mwu5mbwlPVObmqgQy8cP6hwYVtIgteqvCnu8GD4BmeRFV2QkiStraEMfPICz_ETHX9FAwlbJQShoVnrfKyCUC6NZS6Ww5t5pxQLJqeQMBeJhyPnWdI5SOyz9mMotnsn2ELf5hOK1Q3kVSWIhp-eRhuIbjSNJfD-JEmCKl9zNWEiq06xdeg37XChV1gF1MFO_cnWJEGqEY0nXJ37J-jRk0N_0CCM0J3zto4YAgsk72OMn9xOqhdOO0wbZuu49_zgcc48SD9NiIss6ZBoNWjHrd21Utviu2jwgqaUthfHtzJdKtLfbfQ8AmpVklo1vtdNI-kb5ZSMcMjC2PLqCw3jrudI7eBzI3IClC8McPb33gffo5ZioGae7c4GKDtm5-b6M90SK7RAvAu-LWDnqMojScY0GORLd21SS5NUo0Aq5yQBt9vxF7OhJ6bP-ZhNUxlWWTHs1-nvZTQ40vKW37UUmoV_blXJzJGameeg2u3IQ08xt4Uk6VVpI1UfcUIfTIIWQmT83dR-zg2kucULRF1q3wXaCHq1EtjC8f8aD__0nfRCF6HIPOjlnnso4xilENlL-HrEztRAw_yYmmp7VXXBDOJPRZUYP5VznreSkmsE-LX2w
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50A6 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BeKoIpKYfY8-qC5eYoPMPjbG9qA0AAAAAOAHgBAI&bg=!8_Cl8LTNAAZTikH4c4o7ACkAdvg8WlgGrG8WseIqkedX7r2ApAyJUmM4skVbraIFOIYiYvZV0B_V4gIAAAJyUgAAAANoAQeZAyLH7Jwlu3MRyMCLGkbpFE4FkoNjENlZP1dVJsUSqNBZGF3NOLSxbBXvXNTGrZUUiliAiR5VquunxG6v0nF8knPxjMUhDLCqmtP5PIcP6-BmP00jbCtL0gyPB6ZAqrauuhMJgFFxJ5vcEfD2Kiakhxm9Twg15dUjNCI8rLWVbS4wOs8hreLjpcjCAtcpp4PFKkG69vPR0S_USGtxhAV-mOZjC6yyPqjE9hHiIb6mWsoggGL9rnP4MiWhXLV1vs3_x1s9-g5h5R0AQ5LLGG8PJBEpRi9QSyzTuZr__03q_6wSKNLDs58Eo0UzUooL19vDFC4Wvoc3uA_bnOVPVAXqF8bJ2ivzGL5Pt_RVmurzU76ue6MCggXWvoUOPtPkfEdHVsJcBWzz9fF5gA7fRum12_kaZ3HB9DMiK2eiQjdEaMYxQyH6goUcRK1L94954e4vsaomwHdHdaneN7mhkXGOjLuJqZfL3JG-0zt1A0zGOVEjO42b3HLOqvyxMFRVPC_MEg78uVsmE3s-JEiCLrwUUQ_rGTW6pf0Hielc9iHm3e_DyHmb-wdQpbNY8DpfEktRJkJdJ2z1Sos-duRVQpqiXTC-VomOIoB-Cof7Ifhlw6ieNmv8z4XIhz81lKXqGERHyC-h8QxMHeSO50LGcGfCNJF-Axfk5ePUANe0Vuvd5w0H4lH0YV4fYznnx4uQGv_DpGkWZLjx7XEwWb3HZ_twkPFB5gKCpKO9HpVw7CcPX8F68L-nEsrlfdMpXdwsom7wAaMmyjR4zS9rMUTWEKqNhTQscHFFCO-jcnKozz29NfHQwWfCEtaLXNEA0PVqf0j-pnT0j0Fu4dcsuJOop-OKDGxspl_6Go_BuR8wWq134RJbTtsMDQ1rzdjOaYkbZmro_NgGgpIP7dZ2FP0p-OfGqn8ig3cYVBkR2bguQWPV23ThT9z9vt3mM6ZVvJyp-SEUCOYUHFg-hOeaYrIn6BrNXFisw0PIi_dsm3eHeIy6BUr6eTD7YcduvUA238G9NfJA2cqOxFHCi6IszARHIQMC-KMlsCBXSMVG21xtCivgN_dfg_zi
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0980 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BH_qOpKYfY53eC5eYoPMPjbG9qA0AAAAAOAHgBAI&bg=!LyylLGjNAAZTikH4c4o7ACkAdvg8WrtpNf3I5MRXEXiBdbadIQBNfurEbVRi7ZYUVx3aIujnypORegIAAAJFUgAAAANoAQeZAzFJst3-uxqbHuVyZmql4mTil4uCjJYl8ySUhmOxSLiTtjakF4kvFby9LPbN6XGEUr2HbaAYgvKD_HVKfpXqSnLQ34HvsoZRE74zZ1LF_eH-AUKuY6OBDRylRkh2O4mVWknFzXRpVBHS9y2tJ2Q7WPvuraMw1jSF-ZJf0j3m_VyyuiMVqIby6mL-5vqssWW_urqvUYljInN8J3Ar8sIG7mukDT2oa_XOEXVmFaU1fIZYop_QoQc1qC1G1zguYgYXXRlSBaNjqoQc1NJUURYXbgMhtt1g-OPeE52x7rN6x4G3zfscU96igRXJQ-BDQBab6k_Jv0WMxJ35s7vRUQJ1Y6SIDly6huJ_TPpLFgCLicEiBPtGsHo2u7RmvRfQ9gs4xAebZXHp0q-3p5bbnd8xabC86-T6TbSu-EhylrjrpcjQIYkZQKsSPPpFeYoVVUDYfnNlA00Zk2zM1KPoAviMRKshP8-bIQZoarYTz7e13pvJ2LpdA6oiml_D-QolBovuyNStm5N0p8I6zj3PqdEu_eMoqefXmJ8TyKGvRNOgTtI31_iF19R5oqZOm2u4PxQu3uFSa_Gy6BTpwGIru_Mx6_ti8SFXMhguWFa-wX9UUOwsGY7C8atvfkUK_kkOndr2Txh-Mgwn_ot4SazFuQ7qmfFeY2R2REjzABqKlkwcO72AumLVGOisE2DYZVg-1QRZXRN9TM8oCcPijBOcVWJzhnX3cuo7K5jkBcREmWRC2OTCIsVnF5O-SKlqe6VLX-Id6kTNJ4Dd6CE-yYkAHrLkNU20UynUwMS2HSeAtvFRjJCygR-e09N2p3tphopmDSYpFTvRWCyss27WVxiPfJ8H-l0pHTy8FHp32F1IZigpVhhc0PpLTnS2Ro6J9-fXl6Of4IXFf_jtnmPTUVNbGiJDU8oOFyIirvyTcvHEOcvyXGKoXxzh1K02zdJDHjTdqpdXTvlL76Qj0LY0IQKra2p1DsFeCitCL8_fk2iGbGuyCef2ga8q0tRY5KfdZLaefzYbbcsW58H0EcKdyZBMNtEXUxNubHk2w6rx9xjed9UBvUv7griHyrN3pccRjTnKRnzmGJe3
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 43F9 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzntOpKYfY5ED7vfOBe2huZAKAAAAADgB4AQC&bg=!JySlJGDNAAZTikH4c4o7ACkAdvg8Wp_7maThoj80i_BsRTlEbJ35oaK1UTOTrbrGpLVYmc18gzak5QIAAAJwUgAAAANoAQeZAyJPFx9SS7Uq-U3L6W9dkP7jZ77JzDphOAUsdOXdS7hVGMua1qJayN9uVyIu5ZGA7YxpudMuyNW_KZk2jAj8cNX_OmihCqXzca7CwOmGXel0MDw40TSkpg5PtCsIXE9eBkDf4UkfydZacfPNz5aMexQXKuAZxBP_ir_LlRnIkR6bUdZAnZsKd0FQdShoyJ7owOZ17QZ47ji4_bNX4GzMzC19CBpnq3P66MNsxnQz4eRyBETvLCnp0YiedLxZE5IxnGzSwCtxFgkBQPsRt3Js8ehwL9p-V8RWUbfyaRELokyDhpXXUg8uqrJQdKpvMlFIua2SZm2Rrgtjh0KZ-Qv8T1ch_dDGf2niB1Zn-M6PYBof56uzAe8URfEdHfbeUW0VP6GMuye-AdxAIHWhYzC-B1VJa4rRwI9wOKE5Xgez8C2OpHhrDXPe454zW6Sx5qw3E4pi_lZreB3nYXCLcCah6AqCcmwGYf1GNtmpywbLghvEJ2A3cggoM9qHFd5lKSkAfaw0p59jREdYcLF7dkUv_UUmxNYa_9-aDVTf68RRDbK350EQt5U1vZEalX2RBQDi4LrsyzZPoOJkqux7c7BVc78fNjy7R6lSfpsK1wwTraVJPWEN0CJpQQHHSn62Repwmw_VQvY5S44iLke8CArdAxTjkima9VrV9TLCQh0xOPs_KGhj2xAEqp1pNJ7Kz3WkluCvoKNrDi2dkqDo0Y_EzrNnQ-A5QHriHgezBhvtq2l8bn93YM7Vg6nEib18PFCo8qih6UBEO-_sK-FRAATt-0L0u3UtX_lEVTPBAzzGAL9nKPjNyu4qW9yfuA0FbpZc5zQILcWOF2o4GXcGk2DAVtlWDJESBfp1QDqfPRaOFNHupxNQUk9qzGaRDmCBZ-_uCxggAHd5YnfE1lyX75Bd59_OcRzh_0q-TZ0p97jcqi1IW7yIsf6Fxxpm-NguKT_PRtIBWHhEpKaAUGn_e1ZspQBg5sVi96TCAGYhG6Z4ImpJSEJ-orOaPr7vRSRya-ca-kc1UuqURnTo7dqe0i430Jldmq7RrAStXFDHGh0bQQbh7Z8h
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 52BA 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BfovTpKYfY6qAEuaQoPwPjJWriA4AAAAAOAHgBAI&bg=!TU6lTgrNAAZTikH4c4o7ACkAdvg8WslMIcGRmn5nGk9psVUrmEfK6HRufoRWC4jF_qMOi2Pnhd11AgIAAAH8UgAAAANoAQeZA0Czm7NYKBq8fy43pLIdyMxIJxspKSLmsugJD8PzAJyZeYD6L7ypyx3eei6vCAnbSJjv_1zwh79ukrUSkAocb8vy2TrFb86pYvdwo5NLyih5ZVPio--934gc-0FvQb8EaSC1JY2AeEv1jZNuD40MlzdCXykSbdjB-7TTCoirjgn2hq6LcV-AxABfvZzbLoIFUZ3BuBjZ02PfWelNySWdP3Fx3ZaP76tW8INSMK3aVDsoFVCVr_bVJMh17hyjHtZLJ4pg2ZISomsW78DzPT4JjgiOrGky9KRbUWLMboE94Xm_PS4AKlMmTW_vmrgJVOT-vHzqyPPDIgFH9FLHaf9sHQoSKzNZW1QowN64NSfk7hWaUbbtXbdIz1spOD3wW59Wat1-csRA0RAv52jOj_JG1c_gKrHkvnICWDha3IY7Ye38Cqym_crnqMwlf87QSL6h-udu-M54M2nt3WALKy6bdrnZjPdAJ6oqjtcjznoB9bQi6nk2oKPwWZoiL2ETYPCthoffDNJBgJdWx5y73s5nvlGmDXUhECU1intl9wNyfUzW2DpeEdi9ZVnWP1OVIEFc-CT_7sZrF-Up87Q1-nTQhTv5XHrWLaCBNzo1jNeS7qA9E4Gz0ypEjqYPLg6NmdUICBpDzoUMhzarHHJh1A9JAwxCPidmLGInAxgCkFEcg0H3sJm6mWgZrJOLNJhipMxp3nHYSIkTagXUC3zvp9QwpIqMFob-GtzAxeH0S8ABrJ8SkuNR-JPk73Ill4AeUkcBglyEXaZLubzOvTkiEzg9qPsQVXuKyxMFijrh7Oo1vkinNOoyPDZBFb7afDsCMjXZSwofISD1Jla_aZetxg8wyDMKiFvjnXrNkQi4zJGDfGwqoJS-jhlEzbeQcEZpKkQJqyfX2qPGDK-o1tuucEOPK3Rt_7b9adzK_lziqtEUJHZsSsFJK65ifJuMt64tTp2N0wSTVSCxAuX4_Q20fgjHRuh4XmY7nuvfHMg1uJnMNjmiCfpdwVgvG02jYwF0-mkilnifClAdK2CPNZmaNvtvFoGdHiotQGl1CD03yYT1QyQ97zO0DHQ9O-3gQfFnfFASTy2k7Nx2K_3x1uZ4LSQjwbpA
Requested by
Host: www.krem.com
URL: https://www.krem.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 302E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7zadebv&c=8513863176125&slotId=4256931588062.5&qqid=CNbtu6ObkPoCFZNGhwodADoBug&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=933&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=3.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AA86 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7zadecn&c=7290698633559&slotId=3645349316779.5&qqid=CLWtuqObkPoCFUR5hwod3nYAjA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=933&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=3.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6555 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7zadefi&c=516439249001&slotId=258219624500.5&qqid=CKHtwqObkPoCFeeHgwgdLHMM-A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=933&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=3.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 554E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7zadem2&c=259132724404&slotId=129566362202&qqid=CO2SwKObkPoCFVHvhwodLqkACQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=933&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=3.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2C23 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7zadek8&c=1208302966536&slotId=604151483268&qqid=CJiSwaObkPoCFRpQhwodCrACAA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=933&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=3.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 874E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7zadep1&c=3315367669347&slotId=1657683834673.5&qqid=CMGOxKObkPoCFRL-hwodiLQIXA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=933&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=3.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4005:815::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:37:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2.m3u8
livevideo.tegnadigital.com/krem/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/60864e9e-a147-4319-ba2d-8880ed2cbf20/ 		2 KB
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo.tegnadigital.com/krem/v1/manifest/f9c1bf9ffd6ac86b6173a7c169ff6e3f4efbd693/KREM/60864e9e-a147-4319-ba2d-8880ed2cbf20/2.m3u8
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3666d5209429989a9db547d3ba2aee96e0f30324adc64c147b860db83506446d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amzn-RequestId
59058693-3189-4676-b91b-43aead875af3
Connection
keep-alive
Content-Length
303
Pragma
no-cache
Akamai-Mon-Iucid-Del
926974
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Expires
Mon, 12 Sep 2022 21:37:42 GMT
live-31_01376.ts
livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/ 		516 KB
517 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livevideo01.krem.com/hls/live/2017156/elvs/20220808T103539/live-3/00256/live-31_01376.ts
Requested by
Host: amp.akamaized.net
URL: https://amp.akamaized.net/players/9.1.8+premier/akamai/amp/core/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.166.107 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-166-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e24bf4ae9c71dda4a69258e20674ecafe075dc978d1e142cf14256c3bd7bed12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.krem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 21:37:42 GMT
Akamai-Path-Timestamp
i=1663018657.760;xi=1663018657.777;xo=1663018660.355;s=1663018660.427;
Akamai-Mon-Iucid-Ing
2017156
Connection
keep-alive
X-Akamai-Live-Origin-QoS
d=7000;t=1663018657.763
Content-Length
528844
Pragma
no-cache
Akamai-Mon-Iucid-Del
283193
Last-Modified
Mon, 12 Sep 2022 21:37:37 GMT
X-Akamai-Server
Akamai-SMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31535961
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires
Tue, 12 Sep 2023 21:37:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tag.simpli.fi
URL
https://tag.simpli.fi/sifitag/92f5ae10-79bd-0137-5653-06659b33d47c
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=950&ts=1663018658710&src=pbjs

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| tegna function| loadCSS function| applyFocusVisiblePolyfill object| OneTrustStub function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| utag_data function| recaptchaCallback object| _taboola string| bazadebezolkohpepadr string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __otccpaooLocation object| Optanon object| OneTrust function| _typeof function| _createRawReactElement function| _asyncIterator function| AsyncGenerator function| _asyncGeneratorDelegate function| asyncGeneratorStep function| _asyncToGenerator function| _classCallCheck function| _defineProperties function| _createClass function| _defineEnumerableProperties function| _defaults function| _defineProperty function| _extends function| _inherits function| _getPrototypeOf function| _setPrototypeOf function| _isNativeReflectConstruct function| _construct function| _isNativeFunction function| _wrapNativeSuper function| _instanceof function| _interopRequireDefault function| _getRequireWildcardCache function| _interopRequireWildcard function| _newArrowCheck function| _objectDestructuringEmpty function| _objectWithoutPropertiesLoose function| _objectWithoutProperties function| _assertThisInitialized function| _possibleConstructorReturn function| _superPropBase function| _get function| set function| _set function| _taggedTemplateLiteral function| _taggedTemplateLiteralLoose function| _temporalUndefined function| _temporalRef function| _slicedToArray function| _slicedToArrayLoose function| _toArray function| _toConsumableArray function| _arrayWithoutHoles function| _arrayWithHoles function| _iterableToArray function| _arrayLikeToArray undefined| REACT_ELEMENT_TYPE object| babelHelpers object| ce object| akamai function| ES6Promise object| puremvc object| bowser function| requirejs function| require function| define string| urhehlevkedkilrobacf object| recaptcha object| firebase function| $ function| jQuery function| Hls object| modal object| closure_lm_133316 object| React object| ReactDOM object| PropTypes function| ReactHint boolean| utag_condload object| utag function| udm_ function| ns_order function| ns_onclick object| googletag object| script object| firstScriptTag boolean| __tealium_twc_switch object| ns_ string| GoogleAnalyticsObject function| ga object| apstag function| ope object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore boolean| apstagLOADED object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR object| g object| ns_p function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT string| partnerName string| key object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand boolean| _tb_vautop object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter boolean| _tb_noOP object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id object| ID5 function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg object| image object| gaplugins object| gaGlobal object| gaData object| ats undefined| google_measure_js_timing object| Criteo number| pubInfoListtLength function| focusMethod object| placementData string| nam object| cmTag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| _cm_wfCounters object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_129 object| Criteo_identitytag_129 object| msgData function| webpackHotUpdate function| startCMTagMain string| category string| vpaidId function| OvaMediaPlayer

275 Cookies

Domain/Path Name / Value
.taboola.com/tegna-krem/ Name: taboola_session_id
Value: v2_6bd6d3f74de46a6e6c43b9ff4d2c9c68_38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a_1663018650_1663018650_CIi3jgYQqaw_GIKWi52zMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjg0Mbs38-HxldwAQ
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOj27MdEnoQxmz-V5LXzhMUz2c4vDiIx-r2gK2NHmIaWuFw--YF9V4Qgm5VOPtiULJ20_5cE8sTw_Oo7V2cEvlk
.3lift.com/sync Name: sync
Value: CgoIoQEQu5yLnbMwCgoIgQIQu5yLnbMwCgoI4gEQu5yLnbMwCgoI5gEQu5yLnbMwCgoIhwIQu5yLnbMwCgkICRC7nIudszAKCQg6ELuci52zMAoJCAsQu5yLnbMwCgoIjAIQu5yLnbMwCgkIXxC7nIudszA=
.mrtnsvr.com/sync Name: userId
Value: Iuo35QDap
www.krem.com/ Name: usprivacy
Value: 1YNY
.www.krem.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Sep+12+2022+21%3A37%3A29+GMT%2B0000+(GMT)&version=6.27.0&hosts=&consentId=f337255a-daec-4e86-8a62-add91176059b&interactionCount=0&landingPath=https%3A%2F%2Fwww.krem.com%2F&groups=C0001%3A1%2CC0003%3A1%2CBG1%3A1%2CC0004%3A1%2CC0002%3A1
.krem.com/ Name: bm_sv
Value: EEECC6FBC748336D37B9B7157331A0EF~YAAQDmdNaLCk+gSDAQAApciiMxH94C8Ox/r3a6mwGPUDXI3Wq+XvD+1edhCWs2Xxht02uaqrqHLr3au3wM1V7xJdc3W1+QD/CpWOIcVD2hKgMXkBrF8qyg3qXyvYpfG3ljY4zsQIAHekxiLfFSFOBe0k04wVnJ3rtjEQLinEVNAlHGe/1Jozx8oJ//cwRnGtJGhtTmhP/YjjaWwRvbS19LJ0MUoLYrBuoQ4Vp+fj02g/rZzrUbcg23Ip7Rrfng==~1
.krem.com/ Name: utag_main
Value: v_id:018333a2c9a600001e1166f0634d03074001506c00b08$_sn:1$_ss:1$_st:1663020450025$ses_id:1663018650025%3Bexp-session$_pn:1%3Bexp-session
.krem.com/ Name: ak_bmsc
Value: F79C86E5F9C15FB15029EBA93A91597C~000000000000000000000000000000~YAAQDmdNaMOk+gSDAQAACcqiMxG9ymplwBembw9A51wBnag/6kAnemFLcPQEjS5MgzwQKfx9K/BsRP0tOJo56VQs6Nca8SGeXgv73AcDPzP3KIjpUfElycrOxQqqc9cLMad09YHtEaTZiDYZugkHclw7ITeW8HtjF/E+c3C4fUZJN4ySF3CejzygZL0ebrqj6yFM4vnipkRl0ZjfI/HmMbyWUFua0LXq4OHhSEeOqxzH97j8l1FP3iSshZrpgKLRsYIILMzDiHmUAWxN66WAgNPv4glpqFQyGlkaNfctv8rxLEYRGhB6OXWHUXssY08ne6axHypI1ctOynHwHcxudP6JKtisza7cRPd5akvC+p/VfDryrZ330y3G9RMheHhQ0G7nloSk6oihUwHjhdLyD3mofvYTutRYKZUtrvub+o8odXYA9QYgxzT8k+5CNNX6Wx8yrch0E9MLyOy2rbsOizQMH5hegCGk4Tj80Dno9JCDQC1lY/Sywho=
.scorecardresearch.com/ Name: UID
Value: 1C26d5cb4aec80c39a39a6e1663018650
www.krem.com/ Name: _tb_sess_r
Value:
.krem.com/ Name: _ga
Value: GA1.2.1086046727.1663018650
.krem.com/ Name: _gid
Value: GA1.2.2101824895.1663018650
.krem.com/ Name: _gat_tealium_0
Value: 1
www.krem.com/ Name: _lr_geo_location
Value: CA
www.krem.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tagger.opecloud.com/ Name: ope_uid
Value: 2-M9ZDPhWxK/PHfN8/gGUIuEAcCDN95YgzmrfQIBy+g6l5xBq7hzEVmEmxUNn5/ekjYusVGQ==
.undertone.com/ Name: UTID
Value: abf8624aa8e747ea847fab19c4fff796
.undertone.com/ Name: UTID_ENC
Value: a6inav80s9tudcj0jnuelpimu
.taboola.com/ Name: t_gid
Value: 38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
www.krem.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
.serverbid.com/ Name: CONSUMABLEID
Value: 5a8d7235beac44068d7235beac3406f2
.sharethrough.com/ Name: stx_user_id
Value: fe56eba7-8652-4c50-9f65-7637d633134a
.3lift.com/ Name: tluid
Value: 3925327059705463040423
.bidswitch.net/ Name: tuuid
Value: 840b9800-7fd1-40bd-a695-2bd7ac05ae93
.bidswitch.net/ Name: c
Value: 1663018651
.bidswitch.net/ Name: tuuid_lu
Value: 1663018651
.smaato.net/ Name: SCM
Value: 807ffc0a
.smaato.net/ Name: SCMs
Value: 807ffc0a
.dyntrk.com/ Name: dyn_u
Value: 06030002_631fa69b36e25
.yahoo.com/ Name: A3
Value: d=AQABBJumH2MCEMdUtcTZydkcOuOenq2qPHcFEgEBAQH4IGMpYwAAAAAA_eMAAA&S=AQAAAtO5MgqPC-r4tUgPEaNNWWw
.amazon-adsystem.com/ Name: ad-id
Value: A1ZT1m2lpErcqHc8ta4aoJE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.33across.com/ Name: 33x_ps
Value: u%3D211975278567969%3As1%3D1663018651272%3Ats%3D1663018651272
.smartadserver.com/ Name: pid
Value: 2362538231446745451
.creativecdn.com/ Name: u
Value: Qqm1WMvcgGOkNCUxBBU6
.creativecdn.com/ Name: ts
Value: 1663018651
.bidr.io/ Name: bito
Value: AAD2TU7GP00AAA3VYLki2w
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: IDE
Value: AHWqTUkc1EaYxzH2krYVpljeQvl9a6Aw7WoaEeRL-jwWY6mlMCOFTYgXV4I5Xcx4UNk
.server.cpmstar.com/ Name: USER_ID
Value: %d7%ba%2c%c7%5eW%e4%b5%e2Ts%d5%caU%09
.sitescout.com/ Name: ssi
Value: 06ea0601-d0c8-4906-a00e-3cfab6c87890#1663018651639
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.a-mo.net/ Name: amuid2
Value: c334e879-c81b-40a9-83e7-1a00900a3b88
.prebid.a-mo.net/ Name: sd_amuid2
Value: c334e879-c81b-40a9-83e7-1a00900a3b88
.lijit.com/ Name: ljt_reader
Value: FTkxeLZHR3PtEe5nScqbdRwo
.adsrvr.org/ Name: TDID
Value: a2c2f461-deb4-4461-8898-1773ade8bb97
.adnxs.com/ Name: uuid2
Value: 6740448256026770921
.openx.net/ Name: i
Value: b9f015e7-1a8f-4618-be6c-74396b96761f|1663018651
.casalemedia.com/ Name: CMPS
Value: 2923
.zemanta.com/ Name: zuid
Value: ZTQbFeJQMV3vJfNj1D20
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 08480A5BEA39638D3DF31846EB13629E
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0C65799C-ADAA-4108-A890-30B257FC431D
.undertone.com/ Name: UID_EXT_56
Value: y-KkoRqS5E2uGnx3nv8tQ1h2dIBuj7REjgzwr0uAM-~A
.addthis.com/ Name: ouid
Value: 631fa69b00014ac674b7f4f3edf989afb2fd460c67e169ea53e6
.addthis.com/ Name: uid
Value: 631fa69bd46e54a8
.addthis.com/ Name: na_id
Value: 2022091221373178700934909344
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2786:u=1:x=1:i=1663018651:t=1663105051:v=2:sig=AQGMTNR__LhgH3fKGFGmBxT5idUEgIGU"
.rubiconproject.com/ Name: khaos
Value: L7ZAD86L-U-LLYM
.linkedin.com/ Name: li_sugr
Value: 696198a4-dc0f-457a-af19-d83de666f4d4
.linkedin.com/ Name: bcookie
Value: "v=2&2bfa4e1e-3507-4e5c-82e5-a1eeb9ab3abc"
.simpli.fi/ Name: suid
Value: 0F544501480B4ED1A98BD63E61B44B8D
.casalemedia.com/ Name: CMID
Value: Yx.mm01KsayL.r.TyKhWBAAA
.casalemedia.com/ Name: CMPRO
Value: 2923
.demdex.net/ Name: demdex
Value: 52091606829899646490071552684220749431
.krxd.net/ Name: _kuid_
Value: PE0bH1-V
.emxdgt.com/ Name: uid
Value: 53451663018651931712bd
.creative-serving.com/ Name: tuuid
Value: 252556e4-8972-4825-a50b-9b9115fa0160
.creative-serving.com/ Name: c
Value: 1663018651
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAD2TU7GP00AAA3VYLki2w
.adform.net/ Name: C
Value: 1
ads.avct.cloud/ Name: uuid
Value: 1821034a-12a8-42b3-8b1d-acccf684ecee
.rlcdn.com/ Name: pxrc
Value: CJvN/pgGEgUI6AcQABIFCOhHEAASBgi66gEQABIGCLjrARAA
.undertone.com/ Name: UID_EXT_46
Value: a2c2f461-deb4-4461-8898-1773ade8bb97
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzGwNDS1MDc0NTcyFuIz1DV2DQpKzPVwDHBLrAQAdm5zySQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzGwNDS1MDc0NTcyFuIz1DV2DQpKzPVwDHBLrAQAdm5zySQAAAA
.pippio.com/ Name: did
Value: _vCdZWUjkaVFiccw
.pippio.com/ Name: didts
Value: 1663018651
.pippio.com/ Name: nnls
Value:
.undertone.com/ Name: UID_EXT_47
Value: L7ZAD86L-U-LLYM
.criteo.com/ Name: uid
Value: ad4edbbb-b0e1-4769-ae71-4d6147a953a5
.ipredictive.com/ Name: cu
Value: 2617dbac-cce6-4337-b447-62fc0b76992c|1663018652045
.undertone.com/ Name: UID_EXT_39
Value: 21314d99-b3a7-458c-8e3f-a316f81d65b0
.krem.com/ Name: __gads
Value: ID=843597edcd88eea1:T=1663018651:S=ALNI_MZYWZSTJysn7YFTeP3wr4tRISYe6Q
.krem.com/ Name: __gpi
Value: UID=00000969e70febff:T=1663018651:RT=1663018651:S=ALNI_MZBVDtQn4ayLjs9MasmKMlbyxHwpQ
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.dpm.demdex.net/ Name: dpm
Value: 52091606829899646490071552684220749431
.creative-serving.com/ Name: tuuid_lu
Value: 1663018652
.adform.net/ Name: uid
Value: 8514218752795873796
.smaato.net/ Name: SCMaps
Value: 807ffc0a
.openx.net/ Name: pd
Value: v2|1663018652|vMgakWgyiK
.rlcdn.com/ Name: rlas3
Value: I5d2rpMmL/7PODzqkN5OWhPMfQ8xbjKn6VjXsY6Wk4c=
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDMzMTKyMDI10lEyQuVamKDyTYxR%2BYYGRigitQCm9hBw
.contextweb.com/ Name: V
Value: lC1EXI0aD2CU
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e8549da5dae2431d
.emxdgt.com/ Name: apn_id
Value: 6740448256026770921
.casalemedia.com/ Name: CMRUM3
Value: 41631fa69b05a0&ce631fa69c05a0&58631fa69c05a0&03631fa69b05a0&2e631fa69c05a0&6f631fa69b05a0&0a631fa69b2760&51631fa69b05a0&b0631fa69b05a0&39631fa69b05a0&0b631fa69b05a0&e6631fa69b2760&5a631fa69c05a0&2d631fa69b05a0&04631fa69b05a0&49631fa69c05a0&27631fa69b0b40&82631fa69ca8c0&f1631fa69c05a0&12631fa69c05a0&11631fa69b05a0
.casalemedia.com/ Name: CMST
Value: Yx+mm2MfppwA
.gumgum.com/ Name: vst
Value: u_18e435fc-de53-4181-ae1e-b0281e1f6b21
.postrelease.com/ Name: visitor
Value: 1b01c2e2-c056-47f0-bd84-7b927b71d75d
.postrelease.com/ Name: status
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2cd94cdce8622194487dee318fca9541
.yieldmo.com/ Name: yieldmo_id
Value: g5c47e482220f4b99717%7C1663018652256%7C0%7C
.undertone.com/ Name: UID_EXT_57
Value: Yx-mm5QnmBUL-GN2KQ84mgAACp8AAAIB
.adsymptotic.com/ Name: U
Value: df549f10a127003547161493242c2907
.go.sonobi.com/ Name: __uis
Value: 5c63b8fc-35f1-4969-a16b-e4efe07de565
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1a2f2bc6-a0f2-4bed-b2e7-72ecf0af5216&KRTB&23011-1a2f2bc6-a0f2-4bed-b2e7-72ecf0af5216&KRTB&23355-1a2f2bc6-a0f2-4bed-b2e7-72ecf0af5216
.eqads.com/ Name: EQUser
Value: UID=f1e6158a-1670-4d87-b171-a5aace421b3e
.company-target.com/ Name: tuuid_lu
Value: 1663018652
.company-target.com/ Name: tuuid
Value: db5134fa-0dc4-48c9-a4a9-d7b7f741ac8c
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2048a4f5-3927-4145-6ee3-6f65d92e9181.UtKbRxhXdOyuCti7Dc98nmBwMofCGCYIPHVYEraeW%2F8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AIEik9TknQUVu429l2S6RgZU4mbU.ZqJGIezGBU2hnQfyOXuIB9hEGYvUdujJcQrtHcYhErA
.mathtag.com/ Name: uuid
Value: 3374631f-a69c-4f00-8548-033a1286fef8
.technoratimedia.com/ Name: tads_uid
Value: 5B9D3ABC77CC43EB96F43F52A5B43722
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220912173732-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAD2TU7GP00AAA3VYLki2w
.pippio.com/ Name: pxrc
Value: CJzN/pgGEgQIAhAAEgYI7OsBEAA=
.deepintent.com/ Name: CDIUSER
Value: di_ded8d05cbe0549d4aaea1
.quantserve.com/ Name: mc
Value: 631fa69c-5a5b3-c7283-ce015
.acuityplatform.com/ Name: auid
Value: 692474668868
.tapad.com/ Name: TapAd_TS
Value: 1663018652436
.tapad.com/ Name: TapAd_DID
Value: 1ae18a8f-69ba-4fa5-9048-7e4f69043c66
.linksynergy.com/ Name: rmuid
Value: c594603f-d022-48aa-bb8c-dcd229c131a5
.linksynergy.com/ Name: icts
Value: 2022-09-12T21:37:32Z
.turn.com/ Name: uid
Value: 2435504376283644868
.media.net/ Name: visitor-id
Value: 3060202521454932000V10
.media.net/ Name: data-sov
Value: FTkxeLZHR3PtEe5nScqbdRwo~~3
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yw~274l:1969~274l:17ot~274l:18y3~274l:175w~274l"
.undertone.com/ Name: UID_EXT_55
Value: $UID/06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
.outbrain.com/ Name: obuid
Value: 60e0eebf-9195-4fe8-b87f-b25f321b7c2e
.dotomi.com/ Name: DotomiTest
Value: 7e463e05fee20fce
.360yield.com/ Name: tuuid
Value: d74363b1-8cf9-47f7-9dba-f66faa471ed2
.360yield.com/ Name: tuuid_lu
Value: 1663018652
www.krem.com/ Name: _lr_retry_request
Value: true
www.krem.com/ Name: _lr_env_src_ats
Value: false
.openx.net/ Name: univ_id
Value: 537072971|a2c2f461-deb4-4461-8898-1773ade8bb97|1663018652750455
.mfadsrvr.com/ Name: tuuid
Value: 82fc2787-d2df-4446-b5a8-955c797c6821
.mfadsrvr.com/ Name: c
Value: 1663018652
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663018652
.lijit.com/ Name: _ljtrtb_43
Value: QpOyjRWWuohZleLeFpOuiEOSu9hZw-bbRZUMqZQ1
.lijit.com/ Name: _ljtrtb_2
Value: 0F544501480B4ED1A98BD63E61B44B8D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTuk(+LP!]tbPl1M>e)ZlrFUfJ+tGXxomQ08GkL^'86c4ZJcU)$0>:9xux_K@!>x*<O/3If)y3KL9D3I?+``QSBq
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAF3WaMSvO5RwMGhflSAAAAAAA&KRTB&22713-AAAF3WaMSvO5RwMGhflSAAAAAAA&KRTB&22715-AAAF3WaMSvO5RwMGhflSAAAAAAA
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.teads.tv/ Name: tt_viewer
Value: bce2f294-82e5-4710-87c0-23a58d28b176
.lijit.com/ Name: _ljtrtb_84
Value: c:cde53036af8cde50fd4a619efbd06ce7
.lijit.com/ Name: _ljtrtb_80
Value: L7ZAD86L-U-LLYM
.ads.yieldmo.com/ Name: ptrrc
Value: L7ZAD86L-U-LLYM
www.krem.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22a2c2f461-deb4-4461-8898-1773ade8bb97%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-12T21%3A37%3A32%22%7D
.ads.yieldmo.com/ Name: ptreps
Value: AAAFnXOksiUFIwNgKSJ4AAAAAAA
.ads.yieldmo.com/ Name: ptrpub
Value: 0C65799C-ADAA-4108-A890-30B257FC431D
pool.admedo.com/ Name: tuuid
Value: 421d6941-3751-417a-beca-0d44d2588bea
pool.admedo.com/ Name: c
Value: 1663018653
pool.admedo.com/ Name: tuuid_lu
Value: 1663018653
.ads.yieldmo.com/ Name: ptrmf
Value: 82fc2787-d2df-4446-b5a8-955c797c6821
.lijit.com/ Name: ljtrtb
Value: eJwVyrEKgzAUQNF%2FyVzhpXk%2Bo5shOkVEi0izqUmwpVA7SCml%2F964XS7ny86sYFCniClwlKCw0rzMpdIkKuIKUUnNTkxCdCazpZZkkiEx5tocG%2BNeisX5VICgKcgjITiciOc%2BzA5o8VmUKKLstvZz78dxf6724Y2vt3a%2FVe1lz1f7Tua5t0Pzsh1nvz9S6inM
.lijit.com/ Name: _ljtrtb_42
Value: 38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
.mfadsrvr.com/ Name: ssh
Value: !taboola,1663018653!yieldmo,1663018652
.emxdgt.com/ Name: dt
Value: 255
www.krem.com/ Name: cto_bundle
Value: slaj619IWFp4M3V1YVc2SmxQa0ZaOHRaM2tuJTJGd2Z1VzZYVFQ0TVpiaGRJbWg0dXlCeTRKSkh3N01QdkZhenNzZ2ZQVDllYm5sdU03RUpudDVwU2NZcEJvJTJGZEdMQUNjJTJGbG1uNXpvSCUyQmFDSk5VcmdOck11WWlwT2R6QmslMkJUN2xnbk5LazY0dVhJaGtkaDVYbmZoMjFBRjRMMHJRJTNEJTNE
www.krem.com/ Name: cto_bidid
Value: uLdVTF9vaHlMUnU3M3pxaFFoOXdMeGN4ME1jU0ljY1RyNzlFamhacGpFYXhBRUxjOFU5TSUyRjV5VjZHdiUyQnQ4USUyRk5SbWJUalNPcXVyM0xDSGlSS2JoZUdqZnU0UUtvZFAxJTJGdVVvNyUyQks0THZBWVRWOG8lM0Q
.undertone.com/ Name: UID_EXT_53
Value: 0C65799C-ADAA-4108-A890-30B257FC431D
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g2g|4is.0.CAESEPd-Cw2z8kyP5TWwqyb-Jvk|7TY.0|2N.0.AAAHJavbwZXOfwNcIrFdAAAAAAA|3oy.0|7bq.0.1|5Ql.0.38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
.omnitagjs.com/ Name: ayl_visitor
Value: 96eaaa2b875b12e5fc2e0079512c261f
fksnk.com/ Name: AWSALBCORS
Value: GzgCnfAooJrK8xHoUajEOAqkd4mh9dib2t+EGDD4b+Y2/QYjVRi/Pm7/R8aBqHFWdIf67OCm1N5oTj+gYIq4L/DeaMaa0tM/qSTqyIwJqt4O9pNL3GcMSJhpmjy+
.fksnk.com/ Name: f_001
Value: 3F2DCCED20AAEEE0
.fksnk.com/ Name: g_001
Value: 1
.blismedia.com/ Name: b
Value: 631FA69D346A22D501B0272FBLIS
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-840b9800-7fd1-40bd-a695-2bd7ac05ae93
.smartadserver.com/ Name: csync
Value: 107:38146b3a-e84b-4e20-994e-1419cefdbf71-tucta192c1a
.tidaltv.com/ Name: tidal_ttid
Value: 4aa5613a-cd04-4577-8dbc-9eb172d247c1
.rubiconproject.com/ Name: audit
Value: 1|SmaMeOWyAvWWWeQ1pP0wwLqwqPrhPM3pBQNQr3iTnQfWaDs14xzbSEuAd0vidiiGfgCauxy3hRtCqQ3+tQhlLHMDvubSxZCG2MOweBw0EYqx+lJQzvbc5TLPgIxnOLeOlGhCrCEMOXc=
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjK2sDI0sgAAE90PhwkAAAA="
.scotiabank.demdex.net/ Name: scotiabank
Value: 52091606829899646490071552684220749431
.krem.com/ Name: _pubcid
Value: 2a1b6c53-0dd9-41a1-8683-69b7f0eaf9e0
.id5-sync.com/ Name: callback
Value:
.socdm.com/ Name: SOC
Value: Yx.mncCo8YMAACrR0IgAAAAA
.adx.opera.com/ Name: UID
Value: c51dcc3399464d3fb89f11f9df73f58d
.id5-sync.com/ Name: id5
Value: fc2f1bed-3988-4c36-b5da-d705ebeeba1d#1663018651027#5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yx_mngAAJ4ujOAAE
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220220912%22%2C%22142%22%3A%2220220912%22%7D
.quantserve.com/ Name: d
Value: EK0BGQGKJ4EO-TC_vLEJ9AA
.mediarithmics.com/ Name: mics_vid
Value: 29200825567
.mediarithmics.com/ Name: mics_uaid
Value: web:1:28e64045-23d6-44fa-84a5-f1d3880da3e5
.mediarithmics.com/ Name: mics_lts
Value: 1663018654741
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6740448256026770921&KRTB&23339-6740448256026770921
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_ded8d05cbe0549d4aaea1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49&KRTB&19420-BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49&KRTB&22979-BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49&KRTB&23403-BIle6FOMVu0fjw67UIlC7QWIV70f2Qq-A493HM49
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-06ea0601-d0c8-4906-a00e-3cfab6c87890-631fa69b-4341
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-IEik9TknQUVu429l2S6RgZU4mbU
.fiftyt.com/ Name: fifid
Value: ef49244b-0d59-4074-6e98-ab4c9caab7db
.fiftyt.com/ Name: cs
Value: MTY2MzAxODY1NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHj1kZFZSqrmbjGmSWtszGQ50J2F5lLjTduC9OLlWA3R
.agkn.com/ Name: ab
Value: 0001%3AS6oFOUa%2FVqyMW%2FbBaR37Ns6Qc9t1%2F2Kr
.semasio.net/ Name: SEUNCY
Value: 35156E052D404DB8
.adgrx.com/ Name: ADGRX_UID
Value: 1d49be3a-32e3-11ed-94f2-677f45bc236b
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_db10aaf7-f2cb-45a7-8792-228a2ed7fc3e
.fiftyt.com/ Name: fppm
Value: 20220912213734
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.id5-sync.com/ Name: 3pi
Value: 464#1663018653128#1540550803|2#1663018652010#357326468#6740448256026770921|434#1663018653511#1201127412|18#1663018654849#-1195528640|3#1663018652469#717373119#20d5631f-a69c-4400-9e92-25efa6b072ff|501#1663018654849#-1343667499|264#1663018652800#1629369640#a2c2f461-deb4-4461-8898-1773ade8bb97|136#1663018654097#1602424251|108#1663018653917#-397809965|429#1663018653685#268869360
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-1d49be3a-32e3-11ed-94f2-677f45bc236b&KRTB&23275-1d49be3a-32e3-11ed-94f2-677f45bc236b
.mxptint.net/ Name: mxpim
Value: R1B331_F61CC78F_5FCF8828.1.0000000000000000631FA69F
.go.sonobi.com/ Name: __uir_i5mm
Value: 1
.go.sonobi.com/ Name: __uin_i5mm
Value: 20d5631f-a69c-4400-9e92-25efa6b072ff
.go.sonobi.com/ Name: HAPLB8S
Value: s8712|Yx+mk
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B331_F61CC78F_5FCF8828&KRTB&23092-R1B331_F61CC78F_5FCF8828
.onaudience.com/ Name: cookie
Value: 18079856de350778
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1663027200%3A174%7C1664150400%3A219_197_221_226_228_201_236_245%7C1663545600%3A164_248
.pubmatic.com/ Name: SyncRTB3
Value: 1665532800%3A224%7C1664150400%3A22_231_166_234_96_222_71_240_176_8_48_204_249_239_57_55_3_104_54_21_13_5_189_81_220_99_56_243_233_7_178_165_238%7C1664236800%3A35%7C1663545600%3A223_15_38_2%7C1668124800%3A69%7C1663804800%3A63
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQUx0LRaumGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFMdC0Wro90aGlyZFBhcnR5VXNlcklkIfuANvpCzEMlAUFMdC1ynEQlAUFMdC1ynEUh+/uGdmVyc2lvbsL7
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8514218752795873796&KRTB&23263-8514218752795873796
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-692474668868
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1663040255365
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MzAxODY1NDc3MywiMjQiOjE2NjMwMTg2NTIyNDQsIjMiOjE2NjMwMTg2NTIyNDQsIjM5IjoxNjYzMDE4NjUxODA5LCI3IjoxNjYzMDE4NjUxODA5LCI4MCI6MTY2MzAxODY1MTgwOSwiNjQiOjE2NjMwMTg2NTUzNDZ9
.onaudience.com/ Name: done_redirects109
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCOaS94OhxIo7EAUSFQoGY2FzYWxlEgsI-NCCiaHEijsQBRIbCgxzaGFyZXRocm91Z2gSCwiO1cyJocSKOxAFEhYKB3J1Ymljb24SCwiw2YKNocSKOxAFEhUKBmdvb2dsZRILCLrCgo6hxIo7EAUSFAoFdGFwYWQSCwiY_YCjocSKOxAFGAEgASgCMgsImPWD0LfEijsQBTgBWgV0YXBhZGAC
ads.playground.xyz/ Name: connect.sid
Value: s%3AWsLfd3Eb84Yldvee0KAFRc0KVRq_1fgm.hgf0hDY1dhvMDSszM0vv1N2ewEAm9IC6HnxKuI6n8sA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005%22%2C%22nxtrdr%22%3Afalse%7D
.w55c.net/ Name: wfivefivec
Value: a6VH6ePW1OxR7x5
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7163050551832802892P
.owneriq.net/ Name: pmc
Value: 1
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D611ce75d-8544-458e-85a7-222fb4eb17a7
.bnmla.com/ Name: rx_uuid
Value: 611ce75d-8544-458e-85a7-222fb4eb17a7
.bnmla.com/ Name: rx_maxage_10738
Value: 1664314655
.bnmla.com/ Name: rx_sspid_10738
Value: 6_170
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-f85aa32f-15ad-48ee-967f-eeda0b87f821&KRTB&23340-f85aa32f-15ad-48ee-967f-eeda0b87f821
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-Iuo35QDap
.w55c.net/ Name: matchpubmatic
Value: 5
io.narrative.io/ Name: io.narrative.guid.v2
Value: 1d9ce560-32e3-11ed-90ee-126ccf625bfb
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6141
.tribalfusion.com/ Name: ANON_ID
Value: aQnv7yo0P8eCmTN83MFZdWCg0QLHJpR6WnnQEnf4CUfcf2nMG90WNHhOlPDKHC42xLyf61DLuZckooX6f7VGRGshQhNSx6kN3GvOkQYtcB72yEEHZbR3rMb
.inmobi.com/ Name: idsp_c
Value: b757b3fd-5c48-4f82-8ee8-ea2d7cbe9229
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEpOsTRJTklOtTAzMjK0NDGxME9JTTU2tEhLTrQ0NTFkAIJk%2BWXzQTQUAABaZAq3"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIll82H0hBAQAVrAHI"
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005&KRTB&17107-RX-aa4e4e25-838b-4a7b-b968-928038c26e99-005
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:a6VH6ePW1OxR7x5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: c1e1ad06-4b31-457d-bdc2-5fe9932fe205
beacon.lynx.cognitivlabs.com/ Name: ss
Value: x9yzFS5JGudStVIvEMqYVkQZmyDdEjpIlExvfiQcsbrRAkWpUyrU%2BBu3lppOWqekLTGXNGx7CynR8DrKMcjIKg%3D%3D
.krem.com/ Name: _cc_id
Value: 2cd94cdce8622194487dee318fca9541
.krem.com/ Name: panoramaId
Value: afad73d82eb9e17e5570a6e38f5a16d5393898b17612b8b68700dd793c54f5c1
.csync.loopme.me/ Name: viewer_token
Value: cdb443e3-7289-4a3c-92e4-b629edc00256
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7163050551832802892&KRTB&22521-Q7163050551832802892
.pubmatic.com/ Name: PugT
Value: 1663018655
.adsby.bidtheatre.com/ Name: __kuid
Value: 071774bb-d327-4273-a3dd-56debf77e4fe.432232655
.c.appier.net/ Name: _auid
Value: VCRczv1jBNucJV6jn6YfYw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-VCRczv1jBNucJV6jn6YfYw&KRTB&23130-VCRczv1jBNucJV6jn6YfYw
.krem.com/ Name: panoramaId_expiry
Value: 1663623455908
.krem.com/ Name: cto_bundle
Value: Om0tjl9WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4M3hnS201d1o4bmZteCUyQnNRJTJCMCUyQjRwMW4wMEl1b2dLNFhXZFdJNyUyQmlxalY4VXBoelhwbmslMkJLdlRKbGclMkZZTUNWWmVmdVQ0azgwbXlSMW1tbklCWXM2OXBlYTVJMnVSRmxINFdpdEVERGhEaVBZMElqamZ6SFU3WjNvOUpqOTVraEpnJTNEJTNE
.www.krem.com/ Name: cto_bundle
Value: Om0tjl9WMVRLcVBmTDAlMkJxQUNyRzVzNCUyQlM4M3hnS201d1o4bmZteCUyQnNRJTJCMCUyQjRwMW4wMEl1b2dLNFhXZFdJNyUyQmlxalY4VXBoelhwbmslMkJLdlRKbGclMkZZTUNWWmVmdVQ0azgwbXlSMW1tbklCWXM2OXBlYTVJMnVSRmxINFdpdEVERGhEaVBZMElqamZ6SFU3WjNvOUpqOTVraEpnJTNEJTNE
.krem.com/ Name: cto_bidid
Value: jVYsRl80MnhTdG12SnlzJTJCQzVGMjRVZ3hsZUhCMyUyRnJPUUlka2IxWCUyQjglMkJGYTF3YjB5c0JyVHhnSFZYWDAxYzh1TlF3dGdpT3ZXOGt5azJ1N0ZaUU52Y21ZNVVmOGVvTzFtVGQlMkZRU0xhZFVzTzJFbEElM0Q
.www.krem.com/ Name: cto_bidid
Value: jVYsRl80MnhTdG12SnlzJTJCQzVGMjRVZ3hsZUhCMyUyRnJPUUlka2IxWCUyQjglMkJGYTF3YjB5c0JyVHhnSFZYWDAxYzh1TlF3dGdpT3ZXOGt5azJ1N0ZaUU52Y21ZNVVmOGVvTzFtVGQlMkZRU0xhZFVzTzJFbEElM0Q
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZsYGhhZmpkbGjUJY7gmxsZmAEAAxBvkiAAAAA
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.pubmatic.com/ Name: ipc
Value: 158355^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F181%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Dc334e879-c81b-40a9-83e7-1a00900a3b88%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly94LnNlcnZlcmJpZC5jb20vdXNlcnN5bmM_dHR0PTEmc3JjPTImY3NwaT0wJmNuPTYyOTQmc3B1aT0mZHB1aT0%25253D%2526uid%253D%2523PMUID^0^0
.pubmatic.com/ Name: pi
Value: 158355:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 9
.pubmatic.com/ Name: SPugT
Value: 1663018657
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.colossusssp.com/ Name: gtm_usr
Value: 6ace4f04-dc3d-4653-8c3d-6ef7c5dceeaf
.colossusssp.com/ Name: lmg_r
Value: 11
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.casalemedia.com/ Name: CMTS
Value: 393

47 Console Messages

Source Level URL
Text
javascript warning URL: https://amp.akamaized.net/hosted/1.1/player.esi?apikey=tegna&version=9.1.8(Line 18)
Message:
It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
network error URL: https://tag.simpli.fi/sifitag/92f5ae10-79bd-0137-5653-06659b33d47c
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://sync.serverbid.com/ss/2000210.html
Message:
Access to fetch at 'https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json' from origin 'https://sync.serverbid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52462304&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://match.adsrvr.org/track/cmf/casale
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13222
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=176723428&d_campaign=27093947&d_placement=327003526&d_site=3375178&d_aid=6105106&d_bust=1364750635' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75674759&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript error URL: https://www.krem.com/
Message:
Access to XMLHttpRequest at 'https://hb.emxdgt.com/?t=950&ts=1663018658710&src=pbjs' from origin 'https://www.krem.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://hb.emxdgt.com/?t=950&ts=1663018658710&src=pbjs
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=176723443&d_campaign=27093947&d_placement=327003514&d_site=3375178&d_aid=6105106&d_bust=1960405216' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7776000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15e28e779369deefe965f5bb38f7be19.safeframe.googlesyndication.com
247a278a3953c10040512acd4e2b1350.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
amp.akamaized.net
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.eu1.dyntrk.com
c.us1.dyntrk.com
c1.adform.net
casale-match.dotomi.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.opecloud.com
cdn.taboola.com
cdn.undertone.com
cds.taboola.com
ce.lijit.com
clarium.global.ssl.fastly.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cookie-matching.mediarithmics.com
core.iprom.net
creativecdn.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
csi.gstatic.com
csync.loopme.me
cw.addthis.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
e1.emxdgt.com
e6bc8f15abc13b07298a6aace170cd1d.safeframe.googlesyndication.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
geo.privacymanager.io
geolocation.onetrust.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprnjmp.taboola.com
io.narrative.io
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
livevideo.tegnadigital.com
livevideo01.krem.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
media.krem.com
mug.criteo.com
mweb.ck.inmobi.com
native.sharethrough.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
r.turn.com
r3---sn-t0a7ln7d.c.2mdn.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtd-tm.everesttech.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
scotiabank.demdex.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
services.brid.tv
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.serverbid.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
t.pubmatic.com
tag.simpli.fi
tagger.opecloud.com
tags.bluekai.com
tags.rd.linksynergy.com
tags.tiqcdn.com
tegna.profiles.tagger.opecloud.com
tg.socdm.com
tgna-ux-east2.service.signalr.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
usersync.gumgum.com
usr.undertone.com
usync.vrtcal.com
vid.vidoomy.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.fiftyt.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagservices.com
www.gstatic.com
www.krem.com
x.bidswitch.net
x.serverbid.com
yieldmo-match.dotomi.com
yummy.consumable.com
hb.emxdgt.com
match.adsrvr.org
sync.inmobi.com
tag.simpli.fi
104.117.182.178
104.17.119.107
104.18.18.126
104.18.19.126
104.18.99.194
104.36.115.109
104.36.115.111
104.36.115.114
104.36.115.121
104.45.178.220
107.178.246.49
107.178.254.65
108.139.29.89
108.139.47.108
124.146.215.43
13.225.214.104
13.226.39.98
132.226.41.106
135.148.35.200
139.162.78.222
141.226.224.32
141.226.224.48
141.94.171.213
141.95.33.111
141.95.98.70
142.251.35.162
142.251.40.162
143.204.146.27
145.40.88.5
15.197.193.217
151.101.1.194
151.101.129.44
151.101.193.44
151.101.66.49
159.203.145.121
159.65.197.210
159.89.246.130
162.19.80.92
162.248.18.10
162.248.18.11
169.197.150.8
169.60.66.35
172.253.115.155
18.158.221.162
18.164.96.81
18.210.205.140
18.211.160.120
18.233.161.105
18.233.196.70
18.235.231.13
184.50.205.90
185.167.164.49
185.184.8.90
195.244.31.11
195.5.165.20
198.148.27.139
199.127.204.142
199.187.193.166
199.187.193.179
199.187.193.204
199.38.167.129
20.127.253.7
20.62.59.39
2001:4998:14:800::1001
207.198.113.89
209.54.182.161
23.1.200.83
23.195.108.24
23.200.168.205
23.200.168.248
23.205.56.163
23.208.216.126
23.208.216.220
23.217.18.198
23.235.251.213
23.55.166.107
23.66.203.93
23.66.228.147
2404:6800:4005:815::2003
2600:141b:13::17d7:8280
2600:1f18:1c96:4102:b9ab:f4:b89e:5480
2600:1f18:4e9:5a01:9d9d:28ed:7091:e8f1
2600:1f18:612b:4200:fd1:5892:27bc:b9b0
2600:9000:2162:e00:1f:2473:9080:93a1
2600:9000:2209:3e00:1b:5138:8a40:93a1
2606:4700:10::6816:3456
2606:4700:4400::6812:230b
2606:4700:4400::ac40:929e
2606:4700::6810:9440
2606:4700::6812:c4c
2606:4700::6813:ad6c
2606:ae80:1451:12::1720
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2006
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::200e
2607:f8b0:4020:1::8
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::11
2a04:4e42:200::300
3.219.110.236
3.221.20.69
3.225.60.89
3.230.10.142
31.220.27.155
34.102.163.6
34.102.253.54
34.120.155.137
34.193.80.51
34.194.119.3
34.195.174.165
34.196.184.213
34.201.85.55
34.206.27.177
34.214.92.193
34.95.81.168
34.96.105.8
34.96.71.22
34.98.64.218
34.98.67.3
35.156.34.146
35.169.131.238
35.169.70.139
35.171.38.224
35.171.5.179
35.190.60.146
35.201.96.126
35.207.24.140
35.210.53.219
35.211.178.172
35.227.252.103
37.157.6.252
4.78.226.233
44.196.67.133
44.209.207.157
5.161.47.120
50.19.42.95
50.57.31.206
52.0.156.250
52.223.22.214
52.36.124.159
52.45.33.138
52.5.51.141
52.52.146.103
52.85.61.121
52.85.61.128
52.85.61.52
52.85.61.99
52.94.222.140
54.163.73.10
54.166.55.230
54.225.153.167
54.230.160.93
54.36.150.183
54.84.62.20
54.87.127.173
63.251.114.137
63.251.114.182
64.202.112.31
67.202.105.23
68.67.160.137
68.67.160.186
69.12.8.74
69.166.1.10
69.173.151.100
69.90.254.78
70.42.32.255
72.251.229.176
74.119.119.129
74.119.119.139
74.119.119.150
74.121.140.14
74.222.140.101
8.2.111.121
8.28.7.81
8.28.7.83
8.28.7.84
82.145.213.8
88.214.206.142
99.84.119.113
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0103b84ff47702d572a411f057b22b0668099e9af340d061955cb31e63d52068
010e128b57dec050c1a5a238e8d18f42ba3b66f4fc52cc83cdd392c230263544
0132527390be1574aa87ca893255bc9e782492897b2b9c861c5ef8c1b195ffc3
015f5facb5e29c35243f30c95568cd386d0783b71faae2bf75e9227126fc9786
017ef5c4f597cb30f35e3e0e5c7c74f0831924f69fc0918398f63306c80a5380
017f77dad35bc8628746a941c5b85ee4fb206c73f7abd23e1503fadcfdc734af
02661fb474ed627f5e5f86213da07ebc15c57c9441846f9218bf9b865fd7f050
03d9af71b568900dac546f6a992f657bec4c67b002dd634e984c1631ffaf8398
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0463909b035639aadc65ccb6d9a6c6c206c188b62eff98b06e8fd9b049daa7b6
04a43417bd39e1b9f7f7dbfb5feaa9b80da71fcfcab584709bce2369a36b7fd9
052eb0ac1c0a953672478588a30a10b4c9e34e68c9397a211e57e458deedf439
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057309ee1908b8030338c0e0d2dc370a40779620c7fd2c7235b2bb13d4d9a644
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0891a9c5e3d016072c695fdde85edb2d2287f37d28ea2be103b0b2736df4d84a
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0ae425e275ac1aff1eea26ba5a42598c56a87aa2738d48486ee4319dcb636a2e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1c78ea77abb193e20a2aaa70cb3bd563b60e94b3e033405b99a6a05b95dfad
0b24de91d4697e55dd002f6f0ac1049206eb08b382cccf155d962ef9363888cd
0b25d2365d56e3ef3366a047d66648ffd645ddd91b3cd78d7d15ec2187b6edf8
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c90efb5cfff5e985fccad4309b7ccf7207c217773975ccf9d6f9983dcb6a992
0cc554a1074b21476a1c5183f8d58a59cc61e18fc32c99b3df2c3048a56e1cd5
0ce94b0ceedc1ebdd63aad9ead608cb9c165e6b96450e6554ed6c063d91c4268
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0db1445b4d8edbcfee6abb667462954bd263c93ace94daa57ea5af2c751b0e60
0ddc7e5655ecdbc13976ff2cea2e8d9b03c3c19799aea8192023c955c390890f
0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d
0f5c16bd3d388a235c72c2305e4730db931061938926ac7e43aa460b6d399a18
0f9d990667b5952791aa09f73d59ba739faebb4a8e7ae88d7346612056efe507
0fd4fd72dced22d2465a4108522f4aed9d06b387c43db0673ab40ca6ff57583b
0ff1cf96f2ba3eadbc1478a2b03735a2c4fc8a38ebd269a541faf5d8e62f67b2
101917a8e7bbf5a3b3efa6b55482953cd2b66244d18826544fd265cc9ea9760f
106beeb3fac4077adf9c3813ab56befd99a44fa7e93f8fa4f58d105588af6ebc
11d3349b2591191c58109aeaeecd79f850f2e458761a430ab6bc0fff45ff9b1d
11e9a4537ecd77e88b370181e85f35beb65df2ad974b3327a760e3bbcf3e7622
1201cda3c05b0b9cba26561b85fdab43d24dba74960330269610d0553906618a
12697aa1952cfecf1b14ec7218624f5105f343a1a2197c1cb61731cf7ef94eae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12eaf12ad06a7495a5b4a115419a07496ffa59392719ca44fe14e5dbb55fc494
130df041e3d67a527400e41e269b62264c8fed52386af02522381857a6d3045a
13d55cb1948ab33d0b0af34727c3ebfd303653587da015db61566b5524259868
15857098a96a58a932231103f7e70f23f14ada491a869792a8c237b99a5055b9
15bd480f990312c30a7f518d43e3077f88e5bf911217582761f56e26f668c491
16235d26a4505b22b5b62c524f5de5daf63ab483046da51209f5eae79dbe6317
16287c07f35268fb897e577030d1eb97359b16253d67fcc74fe8f9fa393a683e
16f4c9b7e8034ebc491786b863309b794c6ac9b0da67daaa9e9d142c8d68b89b
17af77bc8a8c4df507e1e323baa8086b2cbac1543b4c0a0ba0c54e4f7477712f
17b6c419a7f65afd0e75266dcace486b79ceae9242177feaa960dda92816c4cb
181de6c0732b19c40bb433dfa1cfa2a0167a8e83f2ae8a642e7111469361e39b
1840ab1d48297c8d9eb95c59ec03d554ad6ae128ff431cdfb2122b347bae29a8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1885898359398d90bb99d5aed959fba805f143cd1474253531a5298f58eb53c2
1960dfa70c257a068b526c07ffcbc502e0464e5567e2d0720db48e3ba86f4a39
1a9a2cd7d5b940f50e36e3f90ccabc76bd4d8d816514fec93ae2f80775d721e4
1ae14c2460103283ee523fd0fc9de22885eb3fedc78d4bcddcb0e50e5fea49dd
1b7c00d19a3d05ae9cc1442d4ad09319c131495ceb20ecca91712e915b75f60b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ca898c0294069400fc7567f695c5a398502971d27bae4f44e4020ea21119436
1ce37d389247ef0d835c3ad5f3c4dc5e6a590bdb9097daea20f914118657d6fc
1d516b466e5be3aa441eb4c15a3053c21c5ef8785c2cf897a1aa8f026914497c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0b6cd8f19796f49ad00b8fcf4f5cfa427778fd111a0ddd365cc19123c0f1b2
1e4618167c3126036486a0b859b6a9682218284d7db3bbe062f0044b62375963
1eb4932342710af98fd136bc59f1a5ddbabf83019ffabf74775c83a531a8a53c
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20cbf3399bf25d45cfa18b3b3eeb4c4999772145926cbf9f462713327f619d76
20d23ba20cc59ab7945552b0e03ed0f7e5f2e548e546fee028a4db0cd6ff41f2
227888aff947abc754cd2cbdca5d2dffe93024b7419d83aeaad82628043fe34f
24640a5b760e5fecac2d53f71a149d1d1ec52e23f6460f6111c400ed0c5bcf9c
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
25c5394beb45020f49ad44bc5155d759849739bf10197ef0375082e59cf1abd7
268eff897f61eb7cdeecd646808d25b9a6630646943426ee681eb37ce271e58e
2736ed3ceff4234abe41c094fd96ff44fcc4b27e42479fb1485ba931bad90f2f
2774640b1d27c3aa4e178db75e4a77fd9ae7d9b01fa15e29de0a05bc21d3d829
293561fc09e4ff39e90c2020da189e45ed82adf4494832bf6de0e3a227c27b85
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725
2a8127e877302f5c80b8336461578a57fd620583b577732f1ab3adecc64bda89
2b843bc230f7588da4a22cdc8cb3af85c71b9c5406e57fe71aa07084b30f5141
2bb43f2b5ebee89480723c12e775778897acf6a62060d2a264179866b390d46b
2bce58b585870033e6cb6d0b76e05c70a999fe619b491c0b6bed8c145e316973
2c125ba7b20c741ae39f933cc99aa056fddfb3a6ffa0870148e38dc9c4930f6a
2c5b05029261606eee551b3c39e0700f3ecc65c7c2425b2b92beef8f2c73cbd0
2e80708b06d26554dcb145cf91ee7030a9a8bc3a5d0052ac33af41eae333fc09
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300cd737387a6d27fb9a843983d280eefdac085e5f3d571cf1a9b6df1c58cdcd
30230b320ac7cc4555cb9be8a48e0fe229beb9302923e1ea41701b83d675e199
30310e3eb203e5a03b6a7e02501555707bb3cc566181ac8627e9e81ade02a350
326b995f951075c89927d0e9d2f9f4f90fed4926917493cf594456ed76ed786a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cf13edc1a69ec61c012aa967cb0c134e07871e3c0a9afe86450b6dac76a868
353a4268a37810e1a3b66ebdbeefc3cb7f658794a00fbfa1c9928dc8c8405837
3666d5209429989a9db547d3ba2aee96e0f30324adc64c147b860db83506446d
36a56fb6fed7c6450e9d1197e028a37c969fccd9dcff8e92acb10aa6a810a5ac
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
378e1c7c4538c733361b1696b59c0d0d8e75d63bb623ec4ea194b71c1a3e2854
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
383cc7b48a111e1cc1da508a0f4c8f0a3dfce255a83328a76d68932d0bbb7b41
386e08926e85388128306dc6f745a0fbe176538d2f7706701ba482d36330372a
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b74e688e7c657a53478003583dd789e4a5ce35161c3f62b80745fe730b77bbb
3bc0dd306dac14893dd794c144d782457ef72d75c38d1173779e5e8f1e0f0aad
3bfa6188735c1e0ef795f5ec5020e6d6fca4a04ea1bcf0c553206997149130ff
3c0ac1710b6e620353a4a4243b9d0752f30b1218fe847d4c3a34c2bf35d80a36
3c91c9064748c1a4d94ce2d7dbbbc930aceb7f147bbb9faf94fbaef4a39dba20
3db6bc8ca6a59cbb02cc8915700cc1c30af7594d83cbc2bcc97050dc1480a548
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea6cf67c3849fb713c3db5105450af0e75c3aae9bc4d61003dc9ce640df14a7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe8deb171562b11143d389c936de259b6231ed7c3f85b858da26922d56ef112
3ff08ac0fc82bb0dcb472234e6bb22fcd57bf42d87cd5585c24f559efd5b87f3
4063ae133c3836b3ba43779dc6b030a3e44c0e7396b7435bd102947218745ef7
41a7af34c3ce11b82aae8779426043729cca067fd28f9df87406c8b65857f278
422dbed7023e12248a74425e3d7c0f71c38537554a5d84dff9561dfaf588b116
423576d0784c7f72dc8ee510894066a067b3c05f7c61040e39f4a6d81a83b966
42563be911565fd363167dff5b610f5ee8a1906d1a8f6a25ec9e4f7183ecf240
4259fe0dc98975565d11468ea0df376ac6de525f688f94bdf544ba11cdc51929
4281efa565e747bed4667e597cd0b06f6fef52812d7e461abf17cf4e56cea969
42f24d190e5092cebfdc91a9c341155e2cb2bbfd4c2db493cff8d619c937ecca
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
450864390e43d79760eb4436197835e87c2beddecc6ed4446af02d39283a3178
4737a3f0a700f88914d3934681339c4a66bda5892eca4d5179be5a600634fec7
47c419a977696a7de547c455e8255a7fd55dbe76cd8aca12a212b1951ab18eca
487934ae454186fa5ebc9672fa64ed470a4c6e40215c271837d6730956ad8dbe
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48cc9f8565ce9d0bd052c69334f988a131be4ad0bf65d5ecb5341ae2f9124b9c
49646ba4037f0789a2229fa3bfda2c5dcc8f2d1a9844bcab2acfbac30fa3c766
4988f3a131ed7f2d201b4e74ef5bf14ab237a421096487c9ac45b34a19404a60
4a6fea980de946f4c2504676c6a402e6dde845b1915a23845d70b5de03af0222
4ae607602dde3f97af0951b6c1ee7ea9eb06ec6b4e9d89fe9065db8c9ccd4087
4afae613dc7eee833a9bfef326bb8ebeaaaeda3ca7f8351728703451effc6ebf
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c20bc28949a1dc2afc610d5b1b6168ca7dc9286c7467b20a73379452f6010e1
4d42580565c8f70c089e8b4b54295446c370ebbae10d6da44b74a19ce5c3f11d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef95f9ab874918e09b109be88846dd3b57b296faf7d644891a624cf6d0ef72d
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7403a4d0c2a281f85c7aa0fb9012f596bdede4e5ce5bf8376534d61c474520
503ecba2019c7935aecb5a6322e359ec4e781280c3e700c6d2b81820fdbc1bc4
5045d7ac1910d57be36ed1da8b6c3b70afefe86b5bc3aef0c22512d94cbd5344
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50af25ed5fe0e1d378d58cc5c52f6bc5acc2a6a6a5dfda65be919d66dbe2b2c6
524cc652a805b8988047b0fba23da52e0d059e8fbd6fb24933c6bd30a871af9a
5289d36a03c73e7ae843f3fef2a2d1a13252e794def4ccf2d29a605620a7bfde
52949af69cc5933df493c061375e9b277ef2e9b74b277d8872243fbd6a0607a4
52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150
539f38cf693c655f193195e6ef2e9ce741b4fe6db080d36ccd35e9863fdb3d21
53b4361ce44891ca7652187952f7fcb88173e9fb17d370a190967211f98d770f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5611dfdb809d63de2291eb34a76f4f60372046f3b839e2e3445e22454b6e4a43
57673c38b966e684ccf1e5c51e42fbd2d6a319730a6a0bdaee3ed822770c8c36
576c69b2d66a4475f7c1e6ac2f48fe628e3045787d76e084dfcfe97562eda5b6
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
590bbe15594205acc9f80509cdf4a58ca508b086f79dfa71529b526bbd87feac
59dee9fb5c137ac06664d0610323bf40a94b268cc026cb438a0dab2608d0bec6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9bc1d8593b78f4b3c087c8ce9b7e5db1a56a0e0d4971696455d47cb00467ec
5bc637d23f58146dbbcbfc139302e613a40025a72da4d05ebe127e3e6f93be7e
5dbecd08aaddade91c15bdebefddf7f9300ee4110978f4907a8a1b8b1a8ff5fa
5e067459bd03478aaa96ef1ab08cfa1232562e8448770df7a149317415039ffd
5e0826ce44b9630c7fb715cf7f333d615b0d1407e088c6db2c9ec8c5ec7b69ab
5e7d0a668919264c3cf9eb290b51efa557043f86927e3acab6f606a5a572212b
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6116a3eccd508afc2aa0006a9dec8d5fd326a318d6e4064807d1253cfd65a7a3
61177542a4e6fb6521d201aa8a0fb695e642ad3d42422f69555d9af2567e0bfb
616751780735d4766cb83af8bc45d5a23fa02378437a4595b6a341c6172a998e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dc829417192543497ddac9a07cb6bbb0404fd1f1325942a77577e3f40774a2
636a23c49febfc119a8a054f7fef768acc5f644217585af6be9eb1c1c63a1438
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63c0b99071a06fa47b9daa07a98730e604f630bccb2f4ad0b4eae0ddd525b1ea
64751a151c60076c950a230ac692ac7ae5ccef6a53dc14ae8d57a594f4156ed0
64a623a19dccdebb046e8f2dc6828d1b617d7b7630c1bfd370bda5e0e2211e26
64aa3d7cf6937c0b7c0ea85a12036be72c3c4cfea0389bf97111548f98e841b2
67196a99b374ae5918c6196a7fcda458a81570989c2c47161b76644e86b0f28c
68130f5af465db2a91fee676da2cf20e4882de672632d70633131990990eff57
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
692888892426f3a2260fc2d189f5348fe3df95e28a0b861459996733a4049c98
6a8def63c7933cb7bf6d6102d67a2c45beff27d44153b996af4fcea64083d0bc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b17bda2d04c03d4032b97ab83a8b7d382abe88f679c7ed01e0da6e204bec275
6b1a95aed3687521fcbf654063d65a3facbe97c96c888c9016bbe8d1c719637f
6cdf359ba2260248f8a9d4f527e53d5dcd7d02d2d653c0a28907c0158b293840
6d60990bac72725f8ab3930f0ea573fc789f6006cea08e9c5ade5b6eeb134cf0
6df3647d2d3f91436d59e8e77a14d9787a5b4a6bd4f642ee238d0f6782cc86cb
6f0d170aa7a11e8408d864020ae0b0f0a15d7520ec28e0cabefb8b459b267054
6f61bde985d3c7077b89abd56a64a198a67d59427a25757d0cea9c5041541292
7040a95241334b35cc780029a4054550bad90516547c24c048d2b4d931a2855f
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
7157f95ac60255fd0b3a4313619f99df621b30aa2367b4e40c58d1829403c3f1
719014a849ea69bcab280d4f6e923f8475b9668e0a4bd8d78453e2d58728500c
71d7689112b1d50c87388ffb8c35be3de6a3e85110123063659367c635dac92e
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
73349d5e621b0170cf8703aba2b27003a7d0b52e0ce3f3ac8bae9938cfe6bbdf
7441ad18eef773549975f65ce556417437960880e120ad41d54a67fbe3b23c3d
7460031a69f2fcc14fab0019bc3ebf86afa6f89e2f8baa863c28c1b7df81b54d
74a0bb4b168036229890aaaa5925e9fb3a9da1ad289bd8fa8b147d1eed228f74
74c35f65412520f76d71f258c7d7fec748ba5b83707a5b58925cce8bdaf410ca
757ad58c6b674c76006228159758edd7b77dd30ff9cd969f54ea94bbd2c31d94
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327
77ad94e21ce9e28ed1d19e345b9c2d7082e617b82455e7dd43c5aaa924e91d46
7881f09b0845aac26f2da31dae53190524c18400036eccd15402064ed7eb777b
78944548d2909bc65713ad586777137f5a3725e7eea74ae4d51b41d5edd628b8
7aab757e2070b49383573d06e611b14aef47a68f97808c4510381adf87aa0730
7af7b0b960a32440fab80ce7e62d8b0f378720ab58738c4646fbfa506b60919b
7afe6f0860db60846b0b2a092f9e90e3405af43e403de4c74669c4fe03e96f4a
7bdf563015064972e00c66737b939de852da8a782f797973da29e0e148342d07
7c9996503dc034049902e13428f941abc818f75a6257878a261acc3b2206dc61
7d441b393af86dfeae0324a8d37e868ba6de264676a386d47b77d86fb1e6896c
7d9e1b6d1ee612109da1727c68a099ddafcf60f35816b4fde211381546dc56d6
7f0c0c8dce16bb942156ecc7fc060ce5a8804228424ef17d212f86f0681f92bc
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
822b5bcc947ebe9b3f5fb324aaaa035781f66de21a2aeb0f64e376382cc9ef69
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e9bb1dfff86eeedabdaf07efb8b973c558870fd29d7c16bca42b2764552dcd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ccf955657d58ec18d8178ea04258f7eb133784dd4fa66bfaf0e5a20951c0bf
84407c6f08c25295974f2fd83d9c545b13644b8205d99a6292ed830f1dd355c7
847e901895ecfdfd06cac35221d75fe3685aa322f3620a35af16c88537812dc9
84d04f4f1fc8216b85979099510b562e89084736527981f167aa46e1efb4b072
85c5556d91b6ff6a9e926a8be1d139c075b2a82d2f7dbfec8ac3c501eae8c2d4
861cae0f0baa045f169177b9b6dc775cf1ddf7d64bd6fa7b71714d2e5090cc26
86320424da24f35b6e52ed0ea628ab97823c8d55da8fa27ba8ef39d7df1629e3
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8764d22dd536cad4957e261de198f79f8ad6281c94ed147e6780d7473798f6e2
87ecdfd85e154483ba32dd52e4eb8bf1f65ad92762b18b6639ce816f3676e2cd
884c527996eda6970ed2b4fde3f3e96ee90090531ade7df5e37233632249b817
886ef02ac431850954b10c96be1437cea255bfebf6d06b2cd838f7f7d7bc94f8
890c008628d90e90a391dd1d2bd5285054a282e9f129e809981fef50457d7d5d
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8756c03828ec93bcdab97d740ac771ef827017e3ab9f35900f8ff457bef04c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b9f4c5bbbd62caf717e9c06835b800a203ae49ca9d4fedce99a42e9913c3812
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8bf9a52323e16d44bf059fce129eed2d5c9adeae5ed1ddbf406dffa419a80393
8c2d56e955397368eef17022b35a746fe9f4e9c5674e7eb228a37a367cf26304
8d020750646e6e36a1d543e66c28b7a2c2eb8b7382693706f7112acadee39f57
8d20f11c0652bd2f3a42da8690c51a107f30e3da9f5878f098f8eb9a13976246
8d5905d56eaddfcfd2ad9010e85e0a9f26f4c83619904f720458221a3cb20892
8e28938136c1dccb0e1d076b886dd0a0b00b51ac09ed77e0591a13fb0580b3f5
8efa950be6d28aa1103053638a776ab8f2dcda011254bab316bc409018714e33
8f058db621ce232a79fb505060c5292f679acf50885ae1fd2dddc19c0c1bcfd4
8f4ad4651d303f2ba96e415554e247770276cbf7a9165d3ae1d3fd8fcaed5f41
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
91537255b9ed401cb4d8ffb0ac0a45c27664d589e267faea625cdbb620d6a7f9
922f2e6a9addce02f48cd495377a00419a47e684e37f82e43368a12eb79fc146
92411bb6cf7a2487b53b53a202a740f50ce44b1fb5aec4640969a28bbc36b091
928020bc3c73ccd5ce29c497048d8d2d75373cbc9c545d922f661f552d8be660
936ad958ff03965aa08336a732d43390793b61b62c93677a374eaf09729e3dd2
949999ff27f09352cf096e7cd2174d977228c47ae93acf6c9a63cd154633342c
94a7b143129419a6475367f2a8075f820ecef495185bb7cb04426988ee88ab6f
94b92f18e218aa64d2ef492b296eecf4d3bb3a85bc36851155b4e5113dc7a27f
952ba4adc4b70f62795f966e6703cb95a4ce7efa24db0db8123457960e7ebd08
9814ed88fecbd63a6e03dc09f197e9a8ffd60c4103b5a1b240f8804a0a8d9da4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993e52f75aa4cf5cba577a72078bd34de791fae9ae7e115fee8a4246c731ad76
993eb25a78e2d68a356e67b87890abecb56ff7d04c8fa84683b9b81ce7949900
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6d9b8c42ee2d9471a18e460c0fb54cd263af4cc6ff6620bbb8ec885b2e83d9
9cd45efc611f266f6124d77b4a19d3dce2f303130a499ec52e4f2e69952a9242
9d47cf99756dc667b48425736c08335ec9de9b241b6544119aea4d76698f35b6
9da7832c2738bfbc3672bb0014466ee5052534168b86813099615da3b99669f0
9ddc8427bde88dc7024989396b2908b195c3ae92640d7d3aee58b8b806827eea
9ed5a82a0d155e5c8dfa3083247c02088a3e2dcccc2c2fe1493919f9ab5d0952
9f16f0898b02a9df6ac2f9888ed88b4f63976e512e9fac22c8d468cf6877b605
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c147b11fdac151e5b3a8d2ee27dcffa51e8e5b44fabf35d717e24cbdc3e8ce
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2cee63b50ef1b6a38cc8984bc9cd87c778b139c98d92da531ab42a93d858aaf
a33f8bfdaf0dad8862d21ddbd1b8632d93a56665a6ff11cd5b8101281d9eb291
a384d1fc7d84b2fe1b1cb470193838a86a5c72d39268aed7825e2235285b5ef7
a424ae4b920750d36ab54506a8a12071255b0526936d6dbe5a59cec1cb4c2ca3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c166f8e68b02873ac934e809004d03644d9bdc147c3f331a25564bacd1c6a8
a55a3a8954de155283c948422632dab6b33e6463b73e2ebc57273957a8f43c2c
a6cbdbab9f2d1b6844d55a59d7d9d391a33f69f2bf07e9ef93936bbe8cec78a7
a6fc122826a52466fa03f49abc2f73c6ed599d674b873f28586634371f08a1a2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78f43446c07555ccad9cd29f5b39a3e0a7ebbebe47725066464a7a8f1b3fde9
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a8a7cf649a68c6a92ed7d7be99160e275afde928691d4fe68db2440f8a0924f8
a95965df410eb11b32a1a91c238b42336e83905c4faf7223ca321f3e78de6716
a9a4bcc10cf08203e602576a8dc2eddc2059a548f3b1f1b10bf80db47dcd5c9e
a9ae235ee3971530f38d44a8a5d156bde08d67fa2a9bd8f8dba7b21de9712371
ab4ce99d1089f759727fcc73482863736eca397c3236b905fe14cf394faa548c
ac6001a1c69c19b366fafa0a8112e1f76323a0e354abb3f27a4e0dd32538a90c
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad012cc891e44b578484fe9ccd9648a0866ca88f7b4d532d74a0af52f16d266e
ad0fb1c28b23d11ad0c18aa75022fefc84b22219cc92a1257de4776cf0f8a890
ad34f3ba91a2787950f4c7349509c097c10a71cb9fa663adde66c83dab8d4d4f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adc5ea41f01640df70c1cc7e9b956274814dca8381e58baf3ed2266d81192aeb
afd6113212463b3fbcb3643886c37ea182a8fcf755eefde72b2a7e225bd1914c
b03a82439732b9917b89d88a5aba10bc9b0a6d29723b757477cdf8b318bb8dc8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14d8bf0dbbbd2b1041768672acecd22f2d1c921179c364f979226f9e8e4bbaa
b373ba6150393be9f68785c239df92bc75b03c084d7f9a1e9116ba5a6ef23920
b3f1b1d07c61e6d33c3dd1a02d96b554f5d6868609e4950528c0c07b23b344b9
b40c12b01d7dd928361aad83fb76e10878527f3b048cd0a4a4aff3ec8b85d9fc
b41bf82b7fcf28ff777e3ee2735df3763a0424d119ce578645e32af670db9699
b4b33c0e7bcf1828b81107c8380dcb273e2aad02f134963189708d5a5321eb88
b5569fb0ef5aa9ab3e4907eee446df7f6e438d9db0a2aaa390de52c07521cb2b
b6173d6f54fba912266ad51fd3664d5729e638c7fbbfb4ffca36b2e06905855b
b6f011768d084149789c6539aa4371a66b160bcf6bbcc2070bfee3074491f0fe
b827654fd70402513d5340d5eb285bce5d9f1326dfb2fad2f76d796fa7347299
b93d936b09e1c858ab10da8d45569bd1958e5b25f15eccd52858fa2178550581
b97e1267275a452b65330a27318dae07a01fc37e1cee6f978ca33ec4206a3f6b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5334349c484ba60ba5a100be2c130f2c098ecf712e341074f908ff80a0d123
bbb749673b2dc793267b0acaed8a8db2489083aca737701da8073adf4794256b
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bc519a148d36c7106566d222724cfb7ded9c3bf637d3b12b9a8c070bc69953af
bc5327543d927f2ce35e191597bdd054b35161f3d0eca221408de0d734210844
bc5a9ac18b56bb805ff834a455a2adcffd3246377ac7720e76aa7a740ebb7223
bc902768c2ec3a51106337c1b7b7ee9d0994a21f795b879db7cd24029edd33c7
bcf53d6a19c31ebd93ac0517d1d7248fefba8e3234ced423becbdb7ecc991f08
bda56707bf20744124e4bf13fc1893819d08c2c47f9087b7e599fe45f2fa78bb
be1ccbff52cd3b34de345efe7f2168dfc039d46e35b78a491d0e275e30b2d274
be9c0db85b0ec582c023f514537652ffc57435b2e05f5b174bf0916482210ca1
c0150803dae9e3513a0c84b071f79f64c51e265a02aaf35b043c91d6897dc84d
c05064bcf2f7a1a0a4bf1c24c4a4b64eb0ecb7ea3f714368a0a7c3d88e612ab2
c1e3776e46d46ba266df8bfb2126d981d51c2077b7a480d8cc718ce5765f6ace
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23cfc9f0714dc2a044f943226120d3dad076ee293af28f24dd3da9963455aaa
c372dc88a373bcf1f00dedc239696c270978dedc74adcb49bc659a233070f6eb
c682f11f436b09c0f49e0f3c6ad3525000bec52c72754afa5692c16c9ece776f
c7a1002653530b6b1c892953fac1420baba27e0ee400a9db37479227dcf612e1
c80147784eb16cbf6cc8d19e002b849d3e344021d30364379d0ee8adadcd5361
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
caf860fd1d429962b54066e653e2671181945a89dc2b7661bcca64a5783ecf97
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
cbe1d2471825f42f02126ad100e6d2c9826b1518454f083c608a299b3a568a21
cbfda2d2707bbbf9d46dffaf0eaf926c08336923a9b642b9c5f75d2c4821411f
ce3d6b893ee35084b21eb263ee53f4fb6b454bfcfcac2e6e40d68f92c00a8cf8
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
ce7127c38e30e92a021ed2bd09287713c6a923db9ffdb43f126e8965d777fbf0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0574ef27ece544cf460703990b1516d5a1fec90b20505a6efe0a746d60dfb94
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1e9fbe889409754c41031bd11c912d001f6f894075e32ad2f17e2b5330c9c1c
d2601e1341a019d61d7f3b1b3d8ebcc67bcacf689f04d07c622ca25cd2896597
d2afcc83c9ccebf5a65be4b7df246cb0b3e12eda2ad01a58203e7a8b9ea42cda
d30052e942167f1f7cc0b6b1268866a1d1c1ce2e543fd14faf6db97c16039aa6
d3062d58a1af9262d5640b9c41f166986f546d50e0e47e66a4c23819c712b422
d386ba19322d2adcd34d245d8259b116813d2bcf461df4474e053b8fb9c6c732
d390d8f4a41751b407c4e8c2a4fa480d3faa610452f7336310fb0661899e8394
d3e26116a04210351c613630d62d53eae8ddff5732b0400908365e14c486a119
d6193fd1c3e9595d88582fca012ec5f152451a05acb961b0aa654ddaea3e705a
d61b6901954ff2c0aaf9b5e6a470776ba3e23f12f2c5d455ed7276294b67e6cb
d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86
d6ae6faf0336d8aeb746e551e9a2cc1d33fcfa2e3eab3a8eadbe2a63849e6591
d752bd177fc892e88ed290e24b59f6fd6aacc04798d86538610b5bcfdd2c5361
d84d438f1cdfa10e1eb81e115ad2799be8f35e8219fb8adfc87eaf89fdcee3f3
da0808618d655d2511fe6e643000875e3e97983b03d15b7d4117110438a1f152
dbcbf5f2acc0127b002a13f8a0473ee849a9a2a92aa38697f3c967f707f42a79
dbe3843e0dc46cce65b3841be6c93e037e8fe161af931365e5009affc6463883
dc1cab4f4c008ab655e0450ee31b87e6c7d0ed166910ccbdb81716b2a972d7cd
dc456d63390ecccfc6c356f2b013f63c60877e98401199b663634b5f2423ba4d
dd620ff1363947eaa898325ec249aad550adf5e7937d2ed37dcad5e6b4751636
dd99f527ba9626ab3b99fd526418bb14542153c24acfa93e80f0616221cbe320
de1904d0b1a95eee9cce55754de8b550794ed214db5cb73ad7706e9c0608a586
de84a77891a31a88fb07bc753ac2a3900f1928f4d4bc449a7564ba8a41927d16
dfbebe61b59d122f656a1e968a56f023bae266057f6138950214a971dd9ae620
e07b3319d5a741f1ca29867ca20eea04e4254d196841a7887143c720c564e007
e07bf5ffc10eb81845388c2f1a12b3569c6b29c227faa0e9de17139d9a9e1823
e0eb0034e8cef840d1ddeeea153048d4349ba9aa96e2ef0ff58a208bea25d131
e125201640b58bbaeec23304abfe434618b3cc793521d3014adec720fa4f77b7
e160fa87d6a461066b724fb344a26dddce1f71b15eac09bd7215c5e13e9386bb
e24bf4ae9c71dda4a69258e20674ecafe075dc978d1e142cf14256c3bd7bed12
e26cb87b85034491ec908ba9123151eb055af496fa57facbf732e6a51093c4ee
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e38f7698b273506394fedb2afc26753ac8101d54cdf0bb60cd7fab597df2564c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b23885ebf4b4d565ce2a64fcda67527316aadabd375531616b5bad8a2edd88
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e536b2c1882bb1a4099bce0174bf7159388d0bc7b63d66e4e0f20fccb620fcde
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e7e638e2b784c385f72ad60a8832fbb550b716769988d9abf570968e268e87f4
e80c069425cf656ae0f04568d76ce7cc5898cf550a02d1253861f19c39cd1c8e
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e9a087a125682aea2e97c088c5fcc623b45d714487f79f82a714c77bd14c1918
ea2700c50c47911cc85379e323d077ced4853bf5f776b2dfcb308748c68df57d
ea71cb853afd282eb3897cf4acbb2ec1ba230631bf065d1c1829b7d482ebe762
eb23194757af50253fa1a25fac3b459e71dfb7bf7c4c3db6f78c4eb5c00d1af7
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecf31d03b0335b2099411a2b2ffe02cb9272db8ee1878e7f693b9f07caf12af1
ed7f26ed6ad4423e3a8bd3184c87c613719f395393c22a62871869670b6a402a
ed872ca1c35cd9bced9a8f847d829e1a18cc87944ce1dcfbd7c566bb837dd1d3
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef145673525a43c144053a5645028c3069b079d98449904244ae8c319a5b4842
ef19081a99395e5f8d62012f1afe053640256cdcdde6c92468c3e3c4e6c27b4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
efb06c34278556e86f79245d043d5ef65b5b32c24dc85af70004809ff6d881ec
efee60553488e3661711cdf3ca62be875fdc1b05ff755b440a841d49c96344f3
f0a53507e02a1dd35fd5f290808ce97724ddd684000173f9a6773849966cf13f
f1a9b39cceec1fd8631a8d7e5811de9c337c4996b04450cda520ecaaf9c9b81d
f252462d4099cc41daf3824c6661737a68eaa8e1515cbbcc885ba6c4a70c877e
f2ff936bbfc5f08e39063b192c55e5fe80b2d399546aa3fe5bf69e28ac290a94
f39f99b6d3118125c7f0996ae98ec78cff2ac8714283d85c6accee5e0a7102ba
f41ea718fb594c8b1f7c7dc4b0bb0f6defd066c0996d95a14b9df132349078b7
f44575dec03c8b3f4d5dc9efd4b5b4c12c0c3ffdf19c5ae5bd2d0e0abbe8aff4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f70f9ebd1fc1685dd00ccc12f66efec3127c54444a2689fa83ef5b677e13390d
f8e04afdc2f6ee5ac15f842be5d59fb6d5f02091080f250c764023df488b5d14
f937aafe633a61af40ac179b3d30138d38bae6db00fad23d3d097051a6264bab
f96a9807d2422d6ac77aa38d81f0748f9194de57389f1a23f5013fb62aa30cec
fa991ac885bc28ef5e6b507226f33cbe1440b900f392889fad55c8233c492c70
fac9be34606c02015807b30f40c2cf0bd1f99b0da18cab68b0891b4198b3fd66
fb93a5b61fb0a0be71dc32b39aa81e8fcdd911f85b6099f93ed159b811c9acff
fc17530752af6e7db1489ceffc6f6e5332f925bf9cd3c6a4f486eed8e3349f10
fd81803f0fece4c1cbd5fce9947ccf5c4bce36afe4eb50c5353527f030cbe085