urlscan.io logo urlscan.io
SecurityTrails logo

wegotthiscovered.com Open in urlscan Pro
172.67.15.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wegotthiscovered.com/
Effective URL: https://wegotthiscovered.com/
Submission: On October 17 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 142 IPs in 11 countries across 109 domains to perform 561 HTTP transactions. The main IP is 172.67.15.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is wegotthiscovered.com. The Cisco Umbrella rank of the primary domain is 72854.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time wegotthiscovered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 136 172.67.15.35 13335 (CLOUDFLAR...)
7 142.250.186.99 15169 (GOOGLE)
3 142.250.186.138 15169 (GOOGLE)
3 142.250.184.232 15169 (GOOGLE)
2 108.138.19.89 16509 (AMAZON-02)
18 142.250.184.226 15169 (GOOGLE)
1 172.67.70.134 13335 (CLOUDFLAR...)
3 185.59.220.194 60068 (CDN77 ^_^)
6 142.250.186.98 15169 (GOOGLE)
4 185.60.216.19 32934 (FACEBOOK)
1 142.250.74.193 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
1 104.18.47.230 13335 (CLOUDFLAR...)
5 104.17.78.34 13335 (CLOUDFLAR...)
1 2 104.16.123.175 13335 (CLOUDFLAR...)
2 13.32.99.105 16509 (AMAZON-02)
1 18.66.248.38 16509 (AMAZON-02)
4 34.110.240.68 396982 (GOOGLE-CL...)
1 34.110.189.112 396982 (GOOGLE-CL...)
2 34.120.157.206 396982 (GOOGLE-CL...)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 104.22.47.142 13335 (CLOUDFLAR...)
1 151.101.66.202 54113 (FASTLY)
1 54.160.55.69 14618 (AMAZON-AES)
3 172.217.18.14 15169 (GOOGLE)
1 108.157.4.74 16509 (AMAZON-02)
6 142.250.184.194 15169 (GOOGLE)
1 142.250.186.142 15169 (GOOGLE)
2 13.107.246.45 8068 (MICROSOFT...)
1 172.67.69.19 13335 (CLOUDFLAR...)
1 18.66.122.81 16509 (AMAZON-02)
1 18.222.102.2 16509 (AMAZON-02)
1 3 91.228.74.168 16509 (AMAZON-02)
5 108.138.4.10 16509 (AMAZON-02)
3 72.251.249.14 32475 (SINGLEHOP...)
1 1 147.75.85.234 54825 (PACKET)
2 34.208.107.239 16509 (AMAZON-02)
7 8 3.126.157.114 16509 (AMAZON-02)
2 162.19.138.118 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 52.11.176.167 16509 (AMAZON-02)
1 104.18.158.234 13335 (CLOUDFLAR...)
2 216.239.34.36 15169 (GOOGLE)
3 74.125.133.157 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
10 18.156.195.47 16509 (AMAZON-02)
1 213.19.162.61 3356 (LEVEL3)
1 69.166.1.8 27630 (AS-XFERNET)
3 198.47.127.22 62713 (AS-PUBMATIC)
2 213.19.147.43 26120 (RHYTHMONE)
5 34.149.20.76 15169 (GOOGLE)
6 35.244.159.8 15169 (GOOGLE)
1 3.64.202.105 16509 (AMAZON-02)
1 178.250.2.131 44788 (ASN-CRITE...)
4 52.28.237.81 16509 (AMAZON-02)
1 23.3.109.122 16625 (AKAMAI-AS)
8 99.80.190.113 16509 (AMAZON-02)
2 5 185.89.210.82 29990 (ASN-APPNEX)
2 6 216.52.2.48 30282 (AS-INAPCD...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 52.29.149.17 16509 (AMAZON-02)
7 185.86.137.113 201081 (SMARTADSE...)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 89.207.16.210 41041 (VCLK-EU-SE)
2 185.94.180.124 35220 (SPOTX-AMS)
2 44.196.106.145 14618 (AMAZON-AES)
1 13.32.99.122 16509 (AMAZON-02)
2 185.60.216.35 32934 (FACEBOOK)
3 108.138.17.118 16509 (AMAZON-02)
2 143.204.94.230 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
1 52.222.139.112 16509 (AMAZON-02)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 108.138.7.46 16509 (AMAZON-02)
2 3 52.49.202.27 16509 (AMAZON-02)
4 52.167.85.21 8075 (MICROSOFT...)
12 142.250.181.225 15169 (GOOGLE)
1 152.199.22.24 15133 (EDGECAST)
2 15 52.95.122.74 16509 (AMAZON-02)
23 13.225.78.35 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
1 141.95.98.68 16276 (OVH)
9 19 142.250.181.226 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
3 216.58.212.161 15169 (GOOGLE)
2 178.250.2.130 44788 (ASN-CRITE...)
2 2 95.101.200.23 16625 (AKAMAI-AS)
1 1 18.66.112.116 16509 (AMAZON-02)
1 51.89.9.251 16276 (OVH)
3 3 64.74.236.255 19024 (INTERNAP-...)
1 54.72.178.118 16509 (AMAZON-02)
3 5 104.18.19.126 13335 (CLOUDFLAR...)
1 1 46.228.164.11 56396 (AMOBEE)
5 88.221.168.201 16625 (AKAMAI-AS)
1 52.17.64.38 16509 (AMAZON-02)
1 7 23.203.77.3 16625 (AKAMAI-AS)
3 3 18.156.0.31 16509 (AMAZON-02)
3 76.223.111.18 16509 (AMAZON-02)
2 69.173.144.165 26667 (RUBICONPR...)
2 2 54.171.34.58 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 4 185.89.210.122 29990 (ASN-APPNEX)
1 15 34.247.233.198 16509 (AMAZON-02)
2 2 168.119.127.61 24940 (HETZNER-AS)
3 4 64.202.112.63 23352 (SERVERCEN...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2 34.231.120.233 14618 (AMAZON-AES)
2 3 52.49.242.74 16509 (AMAZON-02)
1 1 3.231.84.56 14618 (AMAZON-AES)
1 150.136.156.92 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 54.77.23.81 16509 (AMAZON-02)
2 2 213.19.147.44 26120 (RHYTHMONE)
5 15.197.193.217 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 185.86.139.101 201081 (SMARTADSE...)
2 2 103.229.205.243 30419 (MEDIAMATH...)
2 2 151.101.130.49 54113 (FASTLY)
1 3.71.169.66 16509 (AMAZON-02)
1 1 202.241.208.57 4694 (IDCF IDC ...)
1 89.207.16.201 41041 (VCLK-EU-SE)
4 54.170.205.64 16509 (AMAZON-02)
2 2 3.120.142.33 16509 (AMAZON-02)
1 3 52.46.130.91 16509 (AMAZON-02)
2 7 185.80.39.216 27381 (CASALE-MEDIA)
2 2 66.155.71.150 13768 (COGECO-PEER1)
2 2 35.227.248.159 15169 (GOOGLE)
1 34.240.197.120 16509 (AMAZON-02)
13 18.203.130.15 16509 (AMAZON-02)
1 1 185.94.180.125 35220 (SPOTX-AMS)
1 104.19.173.108 13335 (CLOUDFLAR...)
2 6 69.173.144.139 26667 (RUBICONPR...)
1 2 54.81.173.34 14618 (AMAZON-AES)
1 1 23.213.161.138 20940 (AKAMAI-ASN1)
1 1 80.77.87.162 46636 (NATCOWEB)
7 65.9.86.39 16509 (AMAZON-02)
2 37.157.4.23 198622 (ADFORM)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 54.87.2.133 14618 (AMAZON-AES)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 13.107.43.14 8068 (MICROSOFT...)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 2 54.229.167.95 16509 (AMAZON-02)
2 172.217.18.4 15169 (GOOGLE)
3 8 34.98.64.218 396982 (GOOGLE-CL...)
3 23.35.237.56 16625 (AKAMAI-AS)
2 142.250.186.106 15169 (GOOGLE)
9 100.20.118.155 16509 (AMAZON-02)
2 142.250.185.66 15169 (GOOGLE)
2 52.28.220.111 16509 (AMAZON-02)
10 18.66.248.13 16509 (AMAZON-02)
1 3.126.58.88 16509 (AMAZON-02)
1 142.250.74.198 15169 (GOOGLE)
1 142.250.184.202 15169 (GOOGLE)
8 13.225.78.83 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 18.66.122.63 16509 (AMAZON-02)
2 3.64.188.198 16509 (AMAZON-02)
2 151.101.65.108 54113 (FASTLY)
1 104.17.119.107 ()
5 67.202.105.31 ()
2 2 37.157.3.29 ()
561 142
136    172.67.15.35 (United States)

ASN13335 (CLOUDFLARENET, US)
wegotthiscovered.com
7    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
3    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
3    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
2    108.138.19.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-19-89.fra56.r.cloudfront.net
static.chartbeat.com
18    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net
hb.vntsm.com
6    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
4    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
1    142.250.74.193 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net
cdn.ampproject.org
2    104.17.24.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
1    104.18.47.230 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    104.17.78.34 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
2    104.16.123.175 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    18.66.248.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-38.dus51.r.cloudfront.net
certify-js.alexametrics.com
4    34.110.240.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.240.110.34.bc.googleusercontent.com
superficialeyes.com
1    34.110.189.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.189.110.34.bc.googleusercontent.com
terrifictooth.com
2    34.120.157.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.wegotthiscovered.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    104.22.47.142 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    151.101.66.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    54.160.55.69 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-55-69.compute-1.amazonaws.com
ping.chartbeat.net
3    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net
www.google-analytics.com
1    108.157.4.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-74.dus51.r.cloudfront.net
ats.rlcdn.com
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.googleoptimize.com
2    13.107.246.45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    18.66.122.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-81.fra60.r.cloudfront.net
certify.alexametrics.com
1    18.222.102.2 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-222-102-2.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
3    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
5    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    34.208.107.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-107-239.us-west-2.compute.amazonaws.com
usync.proper.io
8    3.126.157.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-157-114.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    52.11.176.167 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-176-167.us-west-2.compute.amazonaws.com
bids.proper.io
1    104.18.158.234 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
player.propervideo.io
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
www.google.no
10    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    213.19.147.43 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
propermedia-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
1    3.64.202.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-202-105.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
4    52.28.237.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-237-81.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    23.3.109.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-109-122.deploy.static.akamaitechnologies.com
a.teads.tv
8    99.80.190.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
g2.gumgum.com
5    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    52.29.149.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-149-17.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
7    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    89.207.16.210 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    44.196.106.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-106-145.compute-1.amazonaws.com
reachms.bfmio.com
1    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
2    185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
3    108.138.17.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-118.fra56.r.cloudfront.net
static.adsafeprotected.com
2    143.204.94.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-230.fra50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    52.222.139.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-112.ams50.r.cloudfront.net
tags.crwdcntrl.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    108.138.7.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-46.fra56.r.cloudfront.net
rules.quantcount.com
3    52.49.202.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-202-27.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
i.clarity.ms
12    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
1    152.199.22.24 (United States)

ASN15133 (EDGECAST, US)
adserver.adtech.advertising.com
15    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
23    13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net
live.primis.tech
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
lbs.eu-1-id5-sync.com
19    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
cm.g.doubleclick.net
www.googletagservices.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
adservice.google.no
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.com
3    216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f1.1e100.net
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
2    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com
cs.media.net
1    18.66.112.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-116.fra56.r.cloudfront.net
s.ad.smaato.net
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
3    64.74.236.255 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    54.72.178.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-178-118.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
5    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    52.17.64.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-64-38.eu-west-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
7    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    54.171.34.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-34-58.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
15    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    168.119.127.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.127.119.168.clients.your-server.de
bidswitch-eu.splicky.com
4    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    34.231.120.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-120-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    52.49.242.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-74.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    3.231.84.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-84-56.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    54.77.23.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-23-81.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    213.19.147.44 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    89.207.16.201 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-usadmm.dotomi.com
yieldmo-match.dotomi.com
4    54.170.205.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-205-64.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    3.120.142.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-142-33.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
r.casalemedia.com
dsum.casalemedia.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    34.240.197.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-197-120.eu-west-1.compute.amazonaws.com
d.adroll.com
13    18.203.130.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
s.srvmath.com
1    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    104.19.173.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    54.81.173.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-173-34.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
1    23.213.161.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-138.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
7    65.9.86.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-39.ams1.r.cloudfront.net
video.primis.tech
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    104.16.88.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    54.87.2.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-2-133.compute-1.amazonaws.com
mb9eo-7w62j.ads.tremorhub.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    54.229.167.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net
www.google.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
eu-u.openx.net
3    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
2    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
imasdk.googleapis.com
9    100.20.118.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-118-155.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    52.28.220.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-220-111.eu-central-1.compute.amazonaws.com
ads.celtra.com
10    18.66.248.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-13.dus51.r.cloudfront.net
delivered-by-madington.com
1    3.126.58.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-58-88.eu-central-1.compute.amazonaws.com
celtraidentity.com
1    142.250.74.198 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
s0.2mdn.net
1    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
ajax.googleapis.com
8    13.225.78.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-83.fra2.r.cloudfront.net
cache-ssl.celtra.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net
track.streamedby.com
2    3.64.188.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
track.celtra.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.17.119.107 (None, )

ASN- ()
biddr.brealtime.com
5    67.202.105.31 (None, )

ASN- ()
de.tynt.com
2    37.157.3.29 (None, )

ASN- ()
c1.adform.net
Apex Domain
Subdomains		 Transfer
138 wegotthiscovered.com
wegotthiscovered.com — Cisco Umbrella Rank: 72854
spc.wegotthiscovered.com — Cisco Umbrella Rank: 152220
1 MB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
bid.g.doubleclick.net — Cisco Umbrella Rank: 444
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
231 KB
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
345 KB
30 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2902
video.primis.tech — Cisco Umbrella Rank: 6002
742 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
111 KB
24 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1430
rtb.gumgum.com — Cisco Umbrella Rank: 1123
usersync.gumgum.com — Cisco Umbrella Rank: 2144
16 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2112
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
37 KB
16 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
3 KB
14 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 594
fw.adsafeprotected.com — Cisco Umbrella Rank: 794
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
103 KB
14 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 11011
us-u.openx.net — Cisco Umbrella Rank: 409
u.openx.net — Cisco Umbrella Rank: 664
eu-u.openx.net
2 KB
13 srvmath.com
s.srvmath.com — Cisco Umbrella Rank: 18193
56 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
r.casalemedia.com — Cisco Umbrella Rank: 1351
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
11 KB
12 celtra.com
ads.celtra.com — Cisco Umbrella Rank: 3194
cache-ssl.celtra.com — Cisco Umbrella Rank: 3930
track.celtra.com — Cisco Umbrella Rank: 3839
391 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 438
acdn.adnxs.com — Cisco Umbrella Rank: 618
10 KB
10 delivered-by-madington.com
delivered-by-madington.com — Cisco Umbrella Rank: 962980
161 KB
10 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
38 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1396
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
3 KB
9 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 918
ap.lijit.com — Cisco Umbrella Rank: 599
6 KB
9 proper.io
global.proper.io — Cisco Umbrella Rank: 8364
abcheck.proper.io — Cisco Umbrella Rank: 8992
usync.proper.io — Cisco Umbrella Rank: 12361
bids.proper.io — Cisco Umbrella Rank: 8625
eb.proper.io — Cisco Umbrella Rank: 11505
145 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
4 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 565
i.clarity.ms — Cisco Umbrella Rank: 5274
c.clarity.ms — Cisco Umbrella Rank: 1062
26 KB
7 gstatic.com
fonts.gstatic.com
106 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5017
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3345
r.skimresources.com — Cisco Umbrella Rank: 3218
t.skimresources.com — Cisco Umbrella Rank: 3387
p.skimresources.com — Cisco Umbrella Rank: 4387
20 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
ajax.googleapis.com — Cisco Umbrella Rank: 306
357 KB
5 tynt.com
de.tynt.com
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5478
ads.yieldmo.com — Cisco Umbrella Rank: 660
2 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1686
1 KB
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 3993
c1.adform.net
1 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 832
1 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1160
bcp.crwdcntrl.net — Cisco Umbrella Rank: 818
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
11 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
sync.teads.tv — Cisco Umbrella Rank: 1137
1 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 998
641 B
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
928 B
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1362
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
4 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 82252
121 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
199 KB
3 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6729
mb9eo-7w62j.ads.tremorhub.com — Cisco Umbrella Rank: 24149
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
878 B
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 509
sync.search.spotxchange.com — Cisco Umbrella Rank: 572
3 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
cs.media.net — Cisco Umbrella Rank: 1392
2 KB
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
7 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
17 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
cms.quantserve.com
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 22736
315 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1323
mab.chartbeat.com — Cisco Umbrella Rank: 2299
25 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
190 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
93 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 456
641 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
631 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
624 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
2 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26464
440 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
58 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
549 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
235 B
2 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 6013
291 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1980
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 5216
881 B
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2629
cs.emxdgt.com — Cisco Umbrella Rank: 1055
162 B
2 google.no
www.google.no — Cisco Umbrella Rank: 31079
adservice.google.no — Cisco Umbrella Rank: 193381
1 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1421
api.rlcdn.com — Cisco Umbrella Rank: 825
38 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 10759
certify.alexametrics.com — Cisco Umbrella Rank: 6052
3 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
2 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 801
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
6 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 streamedby.com
track.streamedby.com
351 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
557 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
17 KB
1 celtraidentity.com
celtraidentity.com — Cisco Umbrella Rank: 35115
337 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
707 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
2 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1161
880 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 702
788 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
131 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
181 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
705 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
664 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 891
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1204
294 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 934
465 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 740
730 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
418 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
148 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
536 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
703 B
1 advertising.com
adserver.adtech.advertising.com — Cisco Umbrella Rank: 9873
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
2 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1492
603 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1501
969 B
1 propervideo.io
player.propervideo.io — Cisco Umbrella Rank: 21829
28 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
230 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1180
934 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1140
41 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1228
201 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 29876
667 B
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 81082
6 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1116
5 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
16 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
6 KB
561 109
Domain Requested by
136 wegotthiscovered.com 1 redirects wegotthiscovered.com
hb.vntsm.com
23 live.primis.tech wegotthiscovered.com
live.primis.tech
18 pagead2.googlesyndication.com wegotthiscovered.com
pagead2.googlesyndication.com
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
fw.adsafeprotected.com
tpc.googlesyndication.com
www.googletagservices.com
hb.vntsm.com
16 cm.g.doubleclick.net 9 redirects ap.lijit.com
rtb.gumgum.com
eus.rubiconproject.com
googleads.g.doubleclick.net
u.openx.net
15 usersync.gumgum.com 1 redirects rtb.gumgum.com
15 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ap.lijit.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
13 s.srvmath.com live.primis.tech
s.srvmath.com
12 tpc.googlesyndication.com superficialeyes.com
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 delivered-by-madington.com c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
delivered-by-madington.com
10 c2shb.pubgw.yahoo.com global.proper.io
9 dt.adsafeprotected.com c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
8 cache-ssl.celtra.com ads.celtra.com
wegotthiscovered.com
8 g2.gumgum.com global.proper.io
8 x.bidswitch.net 7 redirects wegotthiscovered.com
7 video.primis.tech wegotthiscovered.com
7 us-u.openx.net 3 redirects rtb.gumgum.com
googleads.g.doubleclick.net
u.openx.net
7 prg.smartadserver.com global.proper.io
live.primis.tech
7 fonts.gstatic.com wegotthiscovered.com
fonts.googleapis.com
6 pixel.rubiconproject.com 2 redirects wegotthiscovered.com
eus.rubiconproject.com
6 eus.rubiconproject.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
global.proper.io
6 ap.lijit.com 2 redirects global.proper.io
aax-eu.amazon-adsystem.com
ap.lijit.com
wegotthiscovered.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
wegotthiscovered.com
6 securepubads.g.doubleclick.net wegotthiscovered.com
securepubads.g.doubleclick.net
hb.vntsm.com
imasdk.googleapis.com
5 de.tynt.com global.proper.io
5 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
5 match.adsrvr.org rtb.gumgum.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
u.openx.net
5 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
live.primis.tech
global.proper.io
5 ssum-sec.casalemedia.com 3 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
5 ib.adnxs.com 2 redirects global.proper.io
googleads.g.doubleclick.net
5 ssc.33across.com global.proper.io
5 c.amazon-adsystem.com global.proper.io
hb.vntsm.com
live.primis.tech
c.amazon-adsystem.com
4 token.rubiconproject.com 4 redirects
4 ads.yieldmo.com sync-amz.ads.yieldmo.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 secure.adnxs.com 2 redirects acdn.adnxs.com
4 i.clarity.ms hb.vntsm.com
4 btlr.sharethrough.com global.proper.io
4 superficialeyes.com wegotthiscovered.com
superficialeyes.com
4 connect.facebook.net wegotthiscovered.com
connect.facebook.net
3 sync.teads.tv googleads.g.doubleclick.net
global.proper.io
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
3 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 creativecdn.com 3 redirects
3 eb2.3lift.com aax-eu.amazon-adsystem.com
wegotthiscovered.com
global.proper.io
3 ups.analytics.yahoo.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.adsafeprotected.com superficialeyes.com
wegotthiscovered.com
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
3 propermedia-d.openx.net global.proper.io
3 hbopenbid.pubmatic.com global.proper.io
live.primis.tech
3 ce.lijit.com global.proper.io
ap.lijit.com
3 www.google-analytics.com www.googletagmanager.com
hb.vntsm.com
wegotthiscovered.com
3 hb.vntsm.com wegotthiscovered.com
hb.vntsm.com
3 www.googletagmanager.com wegotthiscovered.com
www.googletagmanager.com
3 fonts.googleapis.com wegotthiscovered.com
live.primis.tech
2 c1.adform.net 2 redirects
2 eu-u.openx.net u.openx.net
2 acdn.adnxs.com global.proper.io
2 track.celtra.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 c.clarity.ms 1 redirects
2 ads.celtra.com c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
ads.celtra.com
2 googleads4.g.doubleclick.net fw.adsafeprotected.com
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 www.google.com c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
2 www.googletagservices.com c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
2 image6.pubmatic.com ads.pubmatic.com
2 adx.adform.net live.primis.tech
2 mb9eo.publishers.tremorhub.com 1 redirects wegotthiscovered.com
2 u.openx.net live.primis.tech
global.proper.io
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.mathtag.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects wegotthiscovered.com
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 bidswitch-eu.splicky.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 pixel-eu.rubiconproject.com ap.lijit.com
eus.rubiconproject.com
2 cs.media.net 2 redirects
2 static.criteo.net global.proper.io
hb.vntsm.com
2 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
2 aax-dtb-cf.amazon-adsystem.com hb.vntsm.com
2 www.facebook.com wegotthiscovered.com
2 reachms.bfmio.com global.proper.io
2 search.spotxchange.com global.proper.io
2 tag.1rx.io global.proper.io
2 stats.g.doubleclick.net www.googletagmanager.com
hb.vntsm.com
2 region1.analytics.google.com www.googletagmanager.com
2 bids.proper.io global.proper.io
hb.vntsm.com
2 id5-sync.com global.proper.io
hb.vntsm.com
2 usync.proper.io wegotthiscovered.com
2 abcheck.proper.io wegotthiscovered.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 p.skimresources.com wegotthiscovered.com
2 t.skimresources.com wegotthiscovered.com
s.skimresources.com
2 spc.wegotthiscovered.com wegotthiscovered.com
2 sb.scorecardresearch.com wegotthiscovered.com
2 unpkg.com 1 redirects wegotthiscovered.com
2 global.proper.io wegotthiscovered.com
global.proper.io
2 cdnjs.cloudflare.com wegotthiscovered.com
2 static.chartbeat.com wegotthiscovered.com
1 cms.quantserve.com 1 redirects
1 biddr.brealtime.com global.proper.io
1 track.streamedby.com
1 c.bing.com 1 redirects
1 ajax.googleapis.com delivered-by-madington.com
1 s0.2mdn.net imasdk.googleapis.com
1 celtraidentity.com ads.celtra.com
1 bid.g.doubleclick.net c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 mb9eo-7w62j.ads.tremorhub.com live.primis.tech
1 cdn.jsdelivr.net live.primis.tech
1 cs.admanmedia.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 csync.loopme.me wegotthiscovered.com
1 sync.search.spotxchange.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 yieldmo-match.dotomi.com sync-amz.ads.yieldmo.com
1 secure-assets.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 ad.turn.com 1 redirects
1 rtb.gumgum.com aax-eu.amazon-adsystem.com
1 onetag-sys.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 pixel.quantserve.com wegotthiscovered.com
1 eb.proper.io hb.vntsm.com
1 adservice.google.no pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 lbs.eu-1-id5-sync.com hb.vntsm.com
1 lb.eu-1-id5-sync.com hb.vntsm.com
1 adserver.adtech.advertising.com superficialeyes.com
1 bcp.crwdcntrl.net hb.vntsm.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com wegotthiscovered.com
1 tags.crwdcntrl.net wegotthiscovered.com
1 secure.cdn.fastclick.net wegotthiscovered.com
1 geo.privacymanager.io ats.rlcdn.com
1 web.hb.ad.cpe.dotomi.com global.proper.io
1 htlb.casalemedia.com global.proper.io
1 hb.emxdgt.com global.proper.io
1 prebid.media.net global.proper.io
1 a.teads.tv global.proper.io
1 bidder.criteo.com global.proper.io
1 tlx.3lift.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 www.google.no wegotthiscovered.com
1 player.propervideo.io global.proper.io
1 api.rlcdn.com global.proper.io
1 prebid.a-mo.net 1 redirects
1 secure.quantserve.com global.proper.io
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com wegotthiscovered.com
1 certify.alexametrics.com wegotthiscovered.com
1 ad-delivery.net hb.vntsm.com
1 www.googleoptimize.com www.googletagmanager.com
1 ats.rlcdn.com hb.vntsm.com
1 ping.chartbeat.net wegotthiscovered.com
1 mab.chartbeat.com static.chartbeat.com
1 hb.vntsm.io hb.vntsm.com
1 r.skimresources.com s.skimresources.com
1 terrifictooth.com wegotthiscovered.com
1 certify-js.alexametrics.com wegotthiscovered.com
1 static.cloudflareinsights.com wegotthiscovered.com
1 s.skimresources.com wegotthiscovered.com
1 cdn.ampproject.org wegotthiscovered.com
1 btloader.com wegotthiscovered.com
561 181

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-26 -
2022-10-24		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
superficialeyes.com
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
terrifictooth.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
spc.attackofthefanboy.com
R3		 2022-10-12 -
2023-01-10		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-12 -
2023-10-11		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
*.google.no
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adtech.advertising.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2023-04-24		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.primis.tech
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
srvmath.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
celtra.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.delivered-by-madington.com
Amazon		 2022-01-08 -
2023-02-06		 a year crt.sh
celtraidentity.com
Amazon		 2022-10-12 -
2023-11-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.streamedby.com
Amazon		 2022-08-20 -
2023-09-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh

This page contains 60 frames:

Primary Page: https://wegotthiscovered.com/
Frame ID: 37E76383B2409A2D8142A887F23900E8
Requests: 311 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9822833504905488
Frame ID: 50AFEE661B8A06C949C7DEC290CA2D62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: B4D9DA962C98A78C1EB6395FAC3D2322
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B7BC950A71420718F0D6FB5DD1EF2EA7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: 91F6A38A34B70E636ED2C7393A65F432
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1665991174&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665991173551&bpp=6&bdt=1441&idt=1048&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2706020275387&frm=20&pv=2&ga_vid=1146920510.1665991174&ga_sid=1665991175&ga_hid=170619640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706&oid=2&pvsid=3271238232573634&tmod=649120664&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1239
Frame ID: C74AC50189A7EDD947D36D8E513140C3
Requests: 1 HTTP requests in this frame

Frame: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 569F87A274EBFA0AF20EAC85EDCE91F0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 64045FC42837E280C5A9914425877561
Requests: 6 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Frame ID: 2978F7668AF297D2159150F9C0CF616F
Requests: 48 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 07962270243B376BC3CC22FF7B2BA1AE
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 755EC000963D89F8A0DCF6E7D786F91F
Requests: 10 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3710936749595118862
Frame ID: BEB99563EC5AEFC0AAE22F26266702E4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 8CA0A5766AE01EC69636799552B4AEEE
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 88D66FF046C4E9FEE6B5094D4229BB86
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 4E0F5EF34C7A3B583AD2C3299FD4C48A
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1vVmJWelJGRTJ1S1BqamNkNl9HRnV5aE1wT2QuU0pheH5B&
Frame ID: B2D01A6ADEB269834D2C77F7CB7D2DB2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: F555F7507EE7B2140225A56C22235C11
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 6910CE4BE4741F9C5E0703567D885F9B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=15ef634d-0208-4900-81d7-51cff97ccef3&gdpr=&gdpr_consent=
Frame ID: FB7E6481023037961F93F68EC373BC8D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y00CBwAAALFipQAW&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW
Frame ID: 6AA15D5CD4F0D4EC177CB729BBEE1758
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81ZjAyNzM2Yi04NGYxLTRkMWEtOThlNS0yNmI1MDM0ZWEyMDI=&gdpr=&gdpr_consent=
Frame ID: 45EF0F4625A434021F0FE69DE03AD953
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 467D5641CA24C9FA0DB01409E3875B6E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 6350C06DC52B058F0CB3D56FEC9EEAAB
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Frame ID: BB2F184D28783150D641CD2943DA08A2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y00CCMCo5ukAAP.-eRIAAAAA
Frame ID: 2D6B27DFA73CC2F7C0B2B79E10245D15
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y00CB57oA85I5ypaqBa9wwAA%264378
Frame ID: CA1F35A892B2ECC90E7333F7FC11E6C4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Rxv13bX84CQbZMPwfucR&pi=gumgum&tc=1
Frame ID: 4FDA20C9E0248EF06314D92D5B50937E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BA1DA094A1BDD44F30CD09B5D66F6F00
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: AA856D4B48C3DBC42D4153D4F9935021
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: B782E1BDA5B239A86AB4F9A40D0F8B54
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=94&advUuid=0cd0eb1c-4dec-11ed-a8d0-1dbc55590006
Frame ID: C6C907BFB0A253D0FDA8B829EF9BF863
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: A266076B9D75C2B4DBFF63BA28304DDC
Requests: 1 HTTP requests in this frame

Frame: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 71ABC238CFE7A116362759D4D22DED5D
Requests: 10 HTTP requests in this frame

Frame: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F4FC83E750C4CC6BD699E1BCA3630CA
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCKoAEQ2c2gARia2-u0ATAB&v=APEucNWQVHDSxzz10Dy-HTbboDeWpDJkanhFc1C-axMbD90fCGIeg7lyqWjPRrj2Zu0OD-xzPM0Znz5Q7tQwFezEUECADEGPAYS2yr2i1mK095J9qaThH2s
Frame ID: AEC4BF71849BF74E2F029E31AE795310
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ6NnSARiCpqPSATAB&v=APEucNW-ZcDWB4f-qLg0W4_9FzmREzPquuGvUz5bUnWw6wbJla42mTmpI6PtC02w3AM1bXYKLoRHRvMmyFc_10wbwyyqVz58mcjn_P80Jt8x6xrQaS7CKj8
Frame ID: E80F34618AA29E4D014FDCF2E3EE4557
Requests: 5 HTTP requests in this frame

Frame: blob://https://wegotthiscovered.com/7f579643-bf8c-480f-bcfe-c5c4b4aa92a7
Frame ID: 95D79EC3A47DBBC0EDB437A7F0270AFA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 003266625C3460388D1BC2727D315D79
Requests: 1 HTTP requests in this frame

Frame: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
Frame ID: 86296492A4DC1A76E8AA56AF9A32A579
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 63DDFE752AE444533CC7C859F1E22BE3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0ABA67A0D08BAC7EB9EA7A3F9BE1035
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Frame ID: 84666A06D77FBBC0380C84F5F86D89EF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: FCE1D2DEBBF333D161ED3D4AEDCDABB1
Requests: 1 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/adineuePROCond-Bold.woff?subset=AEGIJNPRS
Frame ID: 98B73CB528039A756F1B04AAC4D8F2CE
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Frame ID: 3D7D49E7944DED140280978032F482F7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E530C20F249B147EE8385D6735747D9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F75BB6F1399D0A5DD5A0F07AA389A6E6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Frame ID: 52C688FC2219E4FAF855795E539D74E6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E3F8DD3E00FCE71BAFF90AFBAB136411
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6645C70E8C79E554050340B3CA92F16D
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: 3781220EA2FA298D5589EF3ECE299271
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0803C2442398596C347140915D2F1B20
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DC7157D9585D9D4075786D9DDC08F277
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 9B37C0B1F0E64F76427AEE6FADD788C9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: B0EED0D1A303C831DBC973975FDB014B
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aARC5I0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: CBD36B29A8AAAAB347C309C237FAA957
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: C6B9167684ED16FBA8F66949C5AF232B
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 1918BC023223313CEEE5C8266561DC35
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aq47yi0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 779671C01D642CE544C5327D591733B5
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 0DACE6F69F50A482D65DA8ABE777432D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie News, Gaming News, Blu-Ray News, Music News, and TV News | We Got This CoveredArrow Left #1 IconArrow right #1 Icon

Page URL History Show full URLs

  1. http://wegotthiscovered.com/ HTTP 301
    https://wegotthiscovered.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

561
Requests

89 %
HTTPS

0 %
IPv6

109
Domains

181
Subdomains

142
IPs

11
Countries

5606 kB
Transfer

13524 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wegotthiscovered.com/ HTTP 301
    https://wegotthiscovered.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.0.3/dist/web-vitals.iife.js
Request Chain 192
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D&&callback=window.proper_edb0c162_05522647_2 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=85771e22-245e-4bd9-a348-d2c57530031e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 193
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_9fcc9409_6a1a9710_3 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_9fcc9409_6a1a9710_3 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=fd40c209-fe0b-47c3-874a-27d345d44587
Request Chain 279
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 298
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=fd40c209-fe0b-47c3-874a-27d345d44587
Request Chain 299
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3089927759418831000V10
Request Chain 300
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=75b303cd
Request Chain 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Request Chain 304
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 305
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3710936749595118862
Request Chain 309
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1vVmJWelJGRTJ1S1BqamNkNl9HRnV5aE1wT2QuU0pheH5B&
Request Chain 310
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 321
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmZxM3RQWkhnVXJScW5CcVExQ2JXamtL&gdpr=0
Request Chain 322
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAMkN07GmgQAACC9prZjfA&gdpr=0
Request Chain 323
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=5124322323441471753
Request Chain 325
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6707861486997632952
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5f02736b-84f1-4d1a-98e5-26b5034ea202&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=fd40c209-fe0b-47c3-874a-27d345d44587 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=fd40c209-fe0b-47c3-874a-27d345d44587 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=fd40c209-fe0b-47c3-874a-27d345d44587
Request Chain 327
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28mYp-eV-H2jazLP7aoj9WdqdhzyVPjahM4XuGa6HAPxMQNy3djVuJZ7N81Vp5CqH8%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28mYp-eV-H2jazLP7aoj9WdqdhzyVPjahM4XuGa6HAPxMQNy3djVuJZ7N81Vp5CqH8%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5f02736b-84f1-4d1a-98e5-26b5034ea202&obuid=ENC(mYp-eV-H2jazLP7aoj9WdqdhzyVPjahM4XuGa6HAPxMQNy3djVuJZ7N81Vp5CqH8) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=Rxv13bX84CQbZMPwfucR&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Request Chain 329
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fc783da8-c1c9-4378-4a1c-1ecea9692f9d$ip$178.255.148.172
Request Chain 330
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-knYImaBE2pel6Nb.zyBCJplaXvFa0vRw5Jpj~A
Request Chain 331
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=60b6a5aa-9fb2-40f7-8e5d-9111aabb026b
Request Chain 334
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5f02736b-84f1-4d1a-98e5-26b5034ea202&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 335
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=47e86614-5e44-428d-b6eb-6ec5b1af9d5d
Request Chain 336
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1665991176152 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4878863135
Request Chain 337
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=gsCglYhOqayW&ev=1&pid=558355
Request Chain 338
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7257882633351935861
Request Chain 340
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=15ef634d-0208-4900-81d7-51cff97ccef3&gdpr=&gdpr_consent=
Request Chain 341
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y00CBwAAALFipQAW&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW
Request Chain 346
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y00CCMCo5ukAAP.-eRIAAAAA
Request Chain 347
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y00CB57oA85I5ypaqBa9wwAA%264378
Request Chain 348
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Rxv13bX84CQbZMPwfucR&pi=gumgum&tc=1
Request Chain 349
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 352
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Request Chain 353
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=6707861486997632952&pn_id=an
Request Chain 354
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=16187c8e-675a-42ea-9ea1-b23851e32350&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 355
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=6m46KvFESVp5zXQKTox9vrL_lKw&gdpr=&gdpr_consent=
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOh4z323h_EYOSF97aVxvjY&google_cver=1
Request Chain 359
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y00CB57oA85I5ypaqBa9wwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
Request Chain 360
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=
Request Chain 361
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=fd40c209-fe0b-47c3-874a-27d345d44587 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=fd40c209-fe0b-47c3-874a-27d345d44587 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=fd40c209-fe0b-47c3-874a-27d345d44587
Request Chain 373
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=94&advUuid=0cd0eb1c-4dec-11ed-a8d0-1dbc55590006
Request Chain 379
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=99&advUuid=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58627/occ HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-BN9y7QBE2uFdJuyPogQ5TE0GoKsaU.DmY2EBR34-~A&advUuid=y-BN9y7QBE2uFdJuyPogQ5TE0GoKsaU.DmY2EBR34-~A
Request Chain 383
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=105&advUuid=6707861486997632952
Request Chain 384
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Request Chain 385
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=634d020751aff&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Request Chain 387
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D14ee1d767274c6f439a51aab8aa60b2&advId=134&advUuid=14ee1d767274c6f439a51aab8aa60b2
Request Chain 388
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D793790479%25263rddpi%253D2136778551%25263rdpcid%253D%5BUID%5D%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D2136778551%263rdpcid%3D3ecec759-cbc4-45f2-b4a6-da9db333e415&advId=138&advUuid=3ecec759-cbc4-45f2-b4a6-da9db333e415
Request Chain 412
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/13FcErHhrPfOfs2XxbdDUA?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1727161173976041085
Request Chain 413
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=q4H_saB7SB2ulAbywdMz2g&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=q4H_saB7SB2ulAbywdMz2g&gdpr=0
Request Chain 415
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w2T0c8tPRACKocYqJCSM0g&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w2T0c8tPRACKocYqJCSM0g&gdpr=0
Request Chain 416
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmNjZkNjYzZWFiYzUzZDY4NzllZmQxYzAzNzNiNmZkNTQwNjkwNw&gdpr=0&us_privacy=1---
Request Chain 417
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CG4P8O-3-HITT&gdpr=0&us_privacy=1---
Request Chain 418
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRzRQOE8tMy1ISVRU&gdpr=0&us_privacy=1---
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHUlKqJSK4oxraqtcq027Vw&google_cver=1
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1&gdpr=0
Request Chain 446
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y00CB57oA85I5ypaqBa9wwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEJmhlk5XdRqCQuu1GkoKmB4&google_cver=1
Request Chain 448
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwNzg2MTQ4Njk5NzYzMjk1Mg%3D%3D
Request Chain 449
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1&gdpr=0
Request Chain 450
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI1NGI4YzYtNDhiMS0yZmE0LWZjZjQtNmQ1MzFiNWRiYTM1
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBc4QDwd-USkc2iHGLWS-nE&google_cver=1&gdpr=0
Request Chain 459
  • https://fw.adsafeprotected.com/rfw/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ&ias_dspID=3&ias_campId=1008940221&ias_pubId=pub-6897902191714833&ias_chanId=1&ias_placementId=18267969278&bidurl=https://wegotthiscovered.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hvaL4OoYTPP1dI34g2SKpH&adsafe_url=https%3A%2F%2Fwegotthiscovered.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1,c:rhCzri,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-f7v26,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:3,mot:0,app:0,maw:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:0e505734-4dec-11ed-853c-26350697d102,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ
Request Chain 513
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=5EB2B8ACC657422FBCA26634C48814BA&RedC=c.clarity.ms&MXFR=0A5A96FD24836A37365F84BD208364D3 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=5EB2B8ACC657422FBCA26634C48814BA&MUID=2F983B5D44E66CC7130E291D45B16DFE
Request Chain 552
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15ef634d-0208-4900-81d7-51cff97ccef3
Request Chain 553
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=3Cn_Bdoo-1fHf_xS0y_mANsprgfHe_JYjiksQvck
Request Chain 554
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2649579307043192526
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1

561 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wegotthiscovered.com/
Redirect Chain
  • http://wegotthiscovered.com/
  • https://wegotthiscovered.com/
165 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28930a94473be1f9279f53a47e850ed938db6da5692cc554b34713083d9b156e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
75b744303e470b02-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:19:32 GMT
link
<https://wegotthiscovered.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
75b7442d9ad60b4d-OSL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 17 Oct 2022 07:19:30 GMT
Expires
Mon, 17 Oct 2022 08:19:30 GMT
Location
https://wegotthiscovered.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 18:23:36 GMT
x-content-type-options
nosniff
age
564956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 10 Oct 2023 18:23:36 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 06:07:11 GMT
x-content-type-options
nosniff
age
522741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14872
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 06:07:11 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:56:52 GMT
x-content-type-options
nosniff
age
300160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 19:56:52 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 18:18:05 GMT
x-content-type-options
nosniff
age
565287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 10 Oct 2023 18:18:05 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 15:45:49 GMT
x-content-type-options
nosniff
age
56023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Oct 2023 15:45:49 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 21:55:48 GMT
x-content-type-options
nosniff
age
552224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24052
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 10 Oct 2023 21:55:48 GMT
style.min.css
wegotthiscovered.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Apr 2022 04:40:04 GMT
server
cloudflare
age
4575
etag
W/"624d19a4-145db"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439fefb0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style-index.css
wegotthiscovered.com/wp-content/plugins/dotesports-gutenberg-blocks/build/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?ver=1641880874
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d409d40452e89d9d370724999a883b2c61e2a38756d16399f5a42b17ffebe74

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 11 Jan 2022 06:01:14 GMT
server
cloudflare
age
5601
cf-polished
origSize=5722
etag
W/"61dd1d2a-165a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439fefc0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/css/styles.css?ver=3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33277ffb1c537988994e15918695f168d9b7ee59d5866f132731d3f5dfa35068

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jan 2022 00:25:52 GMT
server
cloudflare
age
4575
cf-polished
origSize=11163
etag
W/"61db7d10-2b9b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439fefd0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twitter-feed.css
wegotthiscovered.com/wp-content/plugins/wp-to-twitter/css/ 		1 KB
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 19 May 2022 07:10:28 GMT
server
cloudflare
age
1837
cf-polished
origSize=1742
etag
W/"6285ed64-6ce"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439fefe0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
04269817a64ce1af.css
wegotthiscovered.com/wp-content/uploads/hurrytimer/css/ 		2 KB
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/uploads/hurrytimer/css/04269817a64ce1af.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 20 Jul 2022 16:24:28 GMT
server
cloudflare
age
1837
cf-polished
origSize=2782
etag
W/"62d82c3c-ade"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439feff0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpp.css
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 		391 B
308 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.4.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Sep 2021 01:49:33 GMT
server
cloudflare
age
5601
cf-polished
origSize=1585
etag
W/"6141512d-631"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439ff000b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/ 		96 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3172e5d863d06983bb8b757ac3964d31fabf43b9028cf39c6b926f1042ac94f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:05:15 GMT
server
cloudflare
age
1837
cf-polished
status=cannot_optimize
etag
W/"62bab63b-17e08"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439ff030b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
responsive.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/responsive.css?ver=6
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37af83b7b3447b5e7b839c6406cbb743d9258ce5a11e65ad03381efd9cad1a71

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
76
cf-polished
origSize=41205
etag
W/"6282e35f-a0f5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439ff040b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
update.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/ 		1 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/update.css?ver=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa87ccf3a1419b793e70ac232b54165a20b868b04b90d91a61184f9c6e25d1c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
5601
cf-polished
origSize=1559
etag
W/"6282e35f-617"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439ff060b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wgtc-icons.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/icons/ 		1 KB
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/icons/wgtc-icons.css?ver=20210809
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f27ebb0f237a1ae53cfeffa54619fb1c003abd679afb6660ce76e28cbedcad

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1837
cf-polished
origSize=2507
etag
W/"6282e35f-9cb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b74439ff070b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ml-social-buttons-colorful.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/css/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/css/ml-social-buttons-colorful.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9fafd10b9c075cbd480ddbc7e48b43c24fb0d857277a5af1e967fefdca1c8f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1837
cf-polished
origSize=39810
etag
W/"6282e35f-9b82"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b7443a2f2d0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/ 		441 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/font.css?ver=4.0.17
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5a777ae5f019ccfc137e41a5ba673f03c52e28538ff33ecd31be1e8741709e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
75
cf-polished
origSize=1702
etag
W/"6282e35f-6a6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b7443a2f2f0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		4 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C400italic%2C700%2C700italic&ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
3d65ddec06825d1ebc7e354b4fe88540c3f4e3cbac0e652fd6234a19eefa6688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 07:15:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 07:19:32 GMT
main.css
wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/css/ 		80 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/css/main.css?ver=3.18.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3348a8ee1dbd57fad45698e5b6fb89c2fec31e8029bdaa35b835b2a79497f0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Jul 2022 02:24:35 GMT
server
cloudflare
age
1837
cf-polished
origSize=81639
etag
W/"62e344e3-13ee7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b7443a4f4c0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
wegotthiscovered.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:31:32 GMT
server
cloudflare
age
1837
etag
W/"615c53b4-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443a4f4d0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
wegotthiscovered.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
5601
etag
W/"6050cbfa-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443a4f500b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpp.min.js
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 01:49:33 GMT
server
cloudflare
age
1837
etag
W/"6141512d-bc3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443a4f510b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0b0536f3ab7c2d86d08672c1bff8619633b6d2517d8e71411ce374f40b376cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43490
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 07:19:33 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.19.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-19-89.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 05:58:42 GMT
content-encoding
gzip
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P7
age
4851
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
-Tq8DK7jzd8qVfnmjhbs0NJ2dk3gOJn7RyeLQ1qb4Y3zhWSuLC5v0g==
expires
Mon, 17 Oct 2022 07:58:42 GMT
ads-prebid-banner-proper-outbrain.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		25 B
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ads-prebid-banner-proper-outbrain.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1837
cf-polished
origSize=27
etag
"6282e35f-1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443a4f520b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
25d2b6d716f6c8f6419a6125300c789b8d3e98790246821df596731db1d2ee61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54278
x-xss-protection
0
server
cafe
etag
10955672968945073444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Oct 2022 07:19:33 GMT
tag
btloader.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5645585240555520&upapi=true
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d68ded511b0ec29073be0d212fd6478708778e7175153e06ce973b322f720c5d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 06:28:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3030
etag
W/"ac8bed0498963b937f643a69a2743f6e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6wiKUd%2FbSzMMU9MKpSf%2BYb%2FRQGhiGgTCWDhLKMcfShLuWRBYX0DYBH%2BMXTP2QjOQ0fq1rByVHpWLcneLODgYPg8Np%2BTU7mR%2BR8cC9g8LO%2BtTirz9PDEuJbDPw%2FMjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
75b744401d7efab4-OSL
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE-713 /
Resource Hash
45bb03d1c0234d1066d3fcfd2de8103b00fd71759a4ccb0a209081edb4dba4b6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cdn-edgestorageid
713
cdn-cachedat
10/11/2022 14:11:07
cdn-pullzone
131999
last-modified
Tue, 11 Oct 2022 14:10:58 GMT
server
BunnyCDN-DE-713
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"99d59c49c6df1f35010841bf24e959c1"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
d63818b8391fb0d1f1da058320371290
cdn-requestcountrycode
NO
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
555c5831361c4820ac95074518dd826bfe3d8656b4999a31ac5e8e0afbe4ff3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27647
x-xss-protection
0
server
sffe
etag
"1366 / 626 of 1000 / last-modified: 1665796911"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 07:19:33 GMT
logo.png
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/logo.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd295e68be50a02352f50a968b8d76e6ce5b2754171c6e1ae231e34d6e6e023

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
4575
cf-polished
origFmt=png, origSize=4277
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3710
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
etag
"6282e35f-10b5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deafc0b02-OSL
emily-blunt-fantastic-four-john-krasinski-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/emily-blunt-fantastic-four-john-krasinski-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2306d78b774202daa2ededd0873d1b661cb411331dee4b4f957c94ae4fd2263

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
2840
cf-polished
qual=85, origFmt=jpeg, origSize=37116
content-disposition
inline; filename="emily-blunt-fantastic-four-john-krasinski-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26428
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 03:01:44 GMT
server
cloudflare
etag
"634cc598-90fc"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deaff0b02-OSL
alien-vs-predator-leaves-streaming-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/alien-vs-predator-leaves-streaming-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d4401126316114976a03b5a4cbb6f3afc0c011786c3a78b88c081c84cb17c4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
2840
cf-polished
qual=85, origFmt=jpeg, origSize=12380
content-disposition
inline; filename="alien-vs-predator-leaves-streaming-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9184
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 03:22:06 GMT
server
cloudflare
etag
"634cca5e-305c"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb000b02-OSL
she-hulk-attorney-at-law-finale-1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/she-hulk-attorney-at-law-finale-1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c355087a7f93e2ee470fd36378c8b9f34843cbfc7e83ab834b6eee218f6330

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=13369
content-disposition
inline; filename="she-hulk-attorney-at-law-finale-1-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8678
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Oct 2022 06:15:48 GMT
server
cloudflare
etag
"634a5014-3439"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb010b02-OSL
rhaenyra-targaryen-house-of-the-dragon-red-keep-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/rhaenyra-targaryen-house-of-the-dragon-red-keep-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4f858d0a3ad5660f598c4f361546437a459ccc399a6c68a958f7e0003d7994

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=4474
content-disposition
inline; filename="rhaenyra-targaryen-house-of-the-dragon-red-keep-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2846
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Oct 2022 22:11:58 GMT
server
cloudflare
etag
"634c81ae-117a"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb020b02-OSL
jonathan-majors-kang-dynasty-avengers-grounded-1-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/10/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/jonathan-majors-kang-dynasty-avengers-grounded-1-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
455a332b75d9d91f920cce6c87a8d05cb682f69a3aad04986bc9a8bf507fb994

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
origFmt=png, origSize=42945
content-disposition
inline; filename="jonathan-majors-kang-dynasty-avengers-grounded-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28192
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 01:18:39 GMT
server
cloudflare
etag
"634cad6f-a7c1"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb110b02-OSL
halloween-ends-box-office-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/halloween-ends-box-office-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ecb7ef623a42fc54de0a4507e36de0384f0de391b9de25a68f0903b89a6800

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=9741
content-disposition
inline; filename="halloween-ends-box-office-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7704
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 00:52:01 GMT
server
cloudflare
etag
"634ca731-260d"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb120b02-OSL
isabela-merced-madame-web-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/isabela-merced-madame-web-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5924f525fe9bbf754240e3d9fc7ee3dc7e4d2973e981edc7c19c976d228fb38e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Oct 2022 23:51:04 GMT
server
cloudflare
age
71
cf-polished
degrade=85, origSize=11868, status=webp_bigger
etag
"634c98e8-2e5c"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb140b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10209
terrifier-2-fainting-vomiting-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/terrifier-2-fainting-vomiting-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926846273f4dd0ea2ec93638b1470b8c708695bd34cb7a09f1b0bd34e5b2df2d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=7892
content-disposition
inline; filename="terrifier-2-fainting-vomiting-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4964
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 00:00:20 GMT
server
cloudflare
etag
"634c9b14-1ed4"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb150b02-OSL
halloween-who-kills-michael-myers-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/halloween-who-kills-michael-myers-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a81bd2425e5725039db450e784f4fa7cb512dbed007c21547a084fa4141e303

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=9432
content-disposition
inline; filename="halloween-who-kills-michael-myers-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7644
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Aug 2022 02:37:16 GMT
server
cloudflare
etag
"62fc545c-24d8"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb190b02-OSL
Lady-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Lady-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebf9870a51c84275abbecf380260c983fbbdbcff801b18cc6f112aeaafdf52f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=19470
content-disposition
inline; filename="Lady-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6804
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 00:23:33 GMT
server
cloudflare
etag
"63475a85-4c0e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb1e0b02-OSL
halloween-ends-critics-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/halloween-ends-critics-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae879f1c8ff87a4f27a1482174aea8a471f8bcf1d464175d50f4c571149a6f4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=10109
content-disposition
inline; filename="halloween-ends-critics-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7862
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 23:40:09 GMT
server
cloudflare
etag
"6348a1d9-277d"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb200b02-OSL
Aftersun-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Aftersun-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e9dec725aab2d6419dcc153481fafd8b29a1dc57de9c17cc07c900c5240298

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=9347
content-disposition
inline; filename="Aftersun-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8674
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 00:30:11 GMT
server
cloudflare
etag
"63475c13-2483"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb250b02-OSL
Inland-1-Black-Twist-Films-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Inland-1-Black-Twist-Films-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b5ee17b16a3d0e34c52bbaccee93001f0f4df87cee2a5a910a10ed21d3514e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=5385
content-disposition
inline; filename="Inland-1-Black-Twist-Films-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3950
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 00:35:45 GMT
server
cloudflare
etag
"63475d61-1509"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb260b02-OSL
significant-other-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/significant-other-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431b5140c7a0b3e8424ae07fafec98128dd98361ea2d6855de13d2049ac28146

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=4138
content-disposition
inline; filename="significant-other-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2778
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Oct 2022 09:00:25 GMT
server
cloudflare
etag
"633feaa9-102a"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb270b02-OSL
02_EXCL_BOI_21207-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/02_EXCL_BOI_21207-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e504a8f1e20ca3eaf9040377ccfc8dea2b30ff53b09984c6dbf71029dccfb3ae

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=10139
content-disposition
inline; filename="02_EXCL_BOI_21207-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4842
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Oct 2022 21:42:30 GMT
server
cloudflare
etag
"633ca8c6-279b"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb280b02-OSL
Alicent-Hightower-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Alicent-Hightower-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45281e337b45f62495d0fc72e21561e5952e1f2bdeea34dd433a1d1523282442

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=34820
content-disposition
inline; filename="Alicent-Hightower-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16150
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 06:18:12 GMT
server
cloudflare
etag
"634cf3a4-8804"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb290b02-OSL
house-of-the-dragon-aegon-coronation-325x190.png
wegotthiscovered.com/wp-content/uploads/2022/10/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/house-of-the-dragon-aegon-coronation-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db28fe433ca2b3f123fab12f4f5321994e683d29b1c936c0475fd2b654003a52

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
origFmt=png, origSize=95425
content-disposition
inline; filename="house-of-the-dragon-aegon-coronation-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58632
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 05:56:09 GMT
server
cloudflare
etag
"634cee79-174c1"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb2a0b02-OSL
Screen-Shot-2022-10-16-at-8.12.22-PM-1-325x190.png
wegotthiscovered.com/wp-content/uploads/2022/10/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Screen-Shot-2022-10-16-at-8.12.22-PM-1-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b8ede7b4966f6085a73ee7cdf54a83c9898d3f8609eff4dd7ff0626a7de56a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
2839
cf-polished
origFmt=png, origSize=89441
content-disposition
inline; filename="Screen-Shot-2022-10-16-at-8.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60896
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 03:22:59 GMT
server
cloudflare
etag
"634cca93-15d61"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb2b0b02-OSL
house-of-the-dragon-episode-nine-rhaenys-mvp-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/10/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/house-of-the-dragon-episode-nine-rhaenys-mvp-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcc3a70a58173edb52c239f825660330766559209a6c1d7ac01082da2d3d9f1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
origFmt=png, origSize=52275
content-disposition
inline; filename="house-of-the-dragon-episode-nine-rhaenys-mvp-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33962
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 05:14:43 GMT
server
cloudflare
etag
"634ce4c3-cc33"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb2c0b02-OSL
Daemon-Targaryen-episode-10-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Daemon-Targaryen-episode-10-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f62e43764347f7a96f4a243dbc3b79839a9953a756034abe8330597aad0584

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
2839
cf-polished
qual=85, origFmt=jpeg, origSize=14127
content-disposition
inline; filename="Daemon-Targaryen-episode-10-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4532
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 05:08:40 GMT
server
cloudflare
etag
"634ce358-372f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb2d0b02-OSL
Screen-Shot-2022-10-16-at-8.12.22-PM-1-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/10/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Screen-Shot-2022-10-16-at-8.12.22-PM-1-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912ef6b184dac47e0d58acb8dfa85d752772c7a17a2f20edfbed9ee60f1bfef8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
origFmt=png, origSize=46524
content-disposition
inline; filename="Screen-Shot-2022-10-16-at-8.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31476
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 03:22:59 GMT
server
cloudflare
etag
"634cca93-b5bc"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb2f0b02-OSL
friend-of-the-family-jake-lacy-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/friend-of-the-family-jake-lacy-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a8c2670b5333ea90954c5e64695f8f14d45f7050ba1c46a5a050bc332fecbf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=7631
content-disposition
inline; filename="friend-of-the-family-jake-lacy-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6440
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Oct 2022 20:23:31 GMT
server
cloudflare
etag
"63408ac3-1dcf"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb300b02-OSL
werewolf-by-night-early-screening-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/werewolf-by-night-early-screening-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf39a3fb32574c7b3294edff576675f9f84c2dde6d27d2b2016949c2c215cb22

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=5320
content-disposition
inline; filename="werewolf-by-night-early-screening-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3806
cf-bgj
imgq:85,h2pri
last-modified
Mon, 26 Sep 2022 20:28:34 GMT
server
cloudflare
etag
"63320b72-14c8"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb310b02-OSL
fate-the-winx-saga-season-2-2-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/fate-the-winx-saga-season-2-2-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec06d1dea042e8a925dda7af4f3e285ff3dd7ce3be72844a8c9050075c507249

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=10884
content-disposition
inline; filename="fate-the-winx-saga-season-2-2-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7540
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Sep 2022 09:10:21 GMT
server
cloudflare
etag
"632d77fd-2a84"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb320b02-OSL
ThaiCaveRescue_Netflix_TCR_102_Unit_02084_thumbnail-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/ThaiCaveRescue_Netflix_TCR_102_Unit_02084_thumbnail-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c9c22b208188ff00e5a8520e95e65aa736a7534ce0bc906b16825bd68069e0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=80521
content-disposition
inline; filename="ThaiCaveRescue_Netflix_TCR_102_Unit_02084_thumbnail-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6182
cf-bgj
imgq:85,h2pri
last-modified
Wed, 27 Jul 2022 07:09:07 GMT
server
cloudflare
etag
"62e0e493-13a89"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb330b02-OSL
andor-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/andor-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88eb7dfa5a5960ffb32e82ad1d8fbaff927875188e389f367dce124bce6246a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=6756
content-disposition
inline; filename="andor-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5866
cf-bgj
imgq:85,h2pri
last-modified
Sun, 18 Sep 2022 10:21:16 GMT
server
cloudflare
etag
"6326f11c-1a64"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb350b02-OSL
9024C097-8FA6-4D8E-BF82-98BAB643377B-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/9024C097-8FA6-4D8E-BF82-98BAB643377B-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce25e13cd9c8a7e7d706d11cbe8ae9f32e60e86c1ef64ce36e5bb78e8aa732a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=9685
content-disposition
inline; filename="9024C097-8FA6-4D8E-BF82-98BAB643377B-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7140
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Sep 2022 21:52:55 GMT
server
cloudflare
etag
"631bb5b7-25d5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb360b02-OSL
meryl-streep-broken-social-scene-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/meryl-streep-broken-social-scene-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7993f6e0cfa068d4670f4abaa1b2c974694337fe1cabfc365bf64c7af739746d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
2839
cf-polished
qual=85, origFmt=jpeg, origSize=13922
content-disposition
inline; filename="meryl-streep-broken-social-scene-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11092
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 04:39:33 GMT
server
cloudflare
etag
"634cdc85-3662"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb370b02-OSL
ellie-goulding-fake-news-1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/ellie-goulding-fake-news-1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51086502acd4fdc403eeedbd3737637f9ced4fb948d0d6d5e5eb4a77c49c5d6b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=8097
content-disposition
inline; filename="ellie-goulding-fake-news-1-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 04:08:51 GMT
server
cloudflare
etag
"634cd553-1fa1"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb390b02-OSL
Kanye-and-Donald-Trump-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Kanye-and-Donald-Trump-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ad7370d435f848f76a3fecc3ca8e9c822978255b28dc3e0724787579ab7ae2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
2839
cf-polished
qual=85, origFmt=jpeg, origSize=10615
content-disposition
inline; filename="Kanye-and-Donald-Trump-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8824
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 01:30:43 GMT
server
cloudflare
etag
"634cb043-2977"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb3a0b02-OSL
markiplier-onlyfans-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/markiplier-onlyfans-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f7acfaf45918eb3808eb0ed03474989ab933f5d26792f55254de5970df7cfc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=7615
content-disposition
inline; filename="markiplier-onlyfans-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4220
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 01:15:41 GMT
server
cloudflare
etag
"634cacbd-1dbf"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb3c0b02-OSL
selena-gomez-hailey-bieber-getty-credit-jon-kopaloff-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/selena-gomez-hailey-bieber-getty-credit-jon-kopaloff-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf26ae4b134c741999f2f581d4ab12dd08003c78f0fddbaef7acae1c0ca433b1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=5422
content-disposition
inline; filename="selena-gomez-hailey-bieber-getty-credit-jon-kopaloff-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3840
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 01:07:30 GMT
server
cloudflare
etag
"634caad2-152e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb3e0b02-OSL
She-Hulk-retro-intro-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/She-Hulk-retro-intro-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb1c16399a593cf16e7bc1fb38150f92dc9955b647491682e8abafe288ff0b0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=24539
content-disposition
inline; filename="She-Hulk-retro-intro-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16688
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 08:44:24 GMT
server
cloudflare
etag
"6347cfe8-5fdb"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb3f0b02-OSL
Doctor-Fate-Black-Adam-1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Doctor-Fate-Black-Adam-1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5fa0e0261e1b6abfdd17a7767d708ea66aec6a5dca3d7fb50479c1a56090ab2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=11064
content-disposition
inline; filename="Doctor-Fate-Black-Adam-1-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7690
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Sep 2022 00:23:46 GMT
server
cloudflare
etag
"632cfc92-2b38"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb410b02-OSL
black-adam-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/black-adam-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c50e788fb6a49d63782c11d00acd80266e796e83778cd26d6d75f9cc0af674

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=14271
content-disposition
inline; filename="black-adam-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13220
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Sep 2022 15:35:21 GMT
server
cloudflare
etag
"632dd239-37bf"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb420b02-OSL
sydney-sweeney-barbarella-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/sydney-sweeney-barbarella-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6d8ab696235723aaed176d626b651ac15eed08b0573f67af08ebd8567f78e6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
70
cf-polished
qual=85, origFmt=jpeg, origSize=10095
content-disposition
inline; filename="sydney-sweeney-barbarella-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8238
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Oct 2022 00:39:05 GMT
server
cloudflare
etag
"63460ca9-276f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb430b02-OSL
black-adam-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/black-adam-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab96ae870f19374c05af51e7edbc5fd889447fb2d67e55eadf71ddcb88cd08c3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 10 Oct 2022 07:05:27 GMT
server
cloudflare
age
70
cf-polished
degrade=85, origSize=10998, status=webp_bigger
etag
"6343c437-2af6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb440b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10358
shuri-black-panther-wakanda-forever-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/shuri-black-panther-wakanda-forever-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a781afb124e4c90d1946015f4301edf1bd75dfb3f5b74a57b6fbb61e71fd3800

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=3476
content-disposition
inline; filename="shuri-black-panther-wakanda-forever-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1870
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Oct 2022 15:59:49 GMT
server
cloudflare
etag
"634592f5-d94"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb450b02-OSL
ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.68895765-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/06/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/06/ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.68895765-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846aeb819b7aea3f2f12d38321a6c7cf185a9ac4153fbb5014cd4776621239e7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 19 Jun 2019 16:50:59 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=34516, status=webp_bigger
etag
"5d0a67f3-86d4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb460b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10679
batman-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/05/batman-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32da7978fb595713f344ab7b119f6c56b4a8471fa2e634830116594dacba4a5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=19154
content-disposition
inline; filename="batman-banner-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3444
cf-bgj
imgq:85,h2pri
last-modified
Sat, 25 May 2019 20:21:12 GMT
server
cloudflare
etag
"5ce9a3b8-4ad2"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb490b02-OSL
detective-comics-1000-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/03/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/03/detective-comics-1000-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abdc8291e51bfcc3085ca21f273ad2e1a68168e30b860ededd5d6ceca04112d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Mar 2019 01:56:55 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=36133, status=webp_bigger
etag
"5c9986e7-8d25"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb4a0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11722
The-Return-of-Wolverine-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/09/The-Return-of-Wolverine-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919f42903bb424c247b4a225f4b16b3df0cbff5bae6db237289eea58821271e3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 19 Sep 2018 13:20:17 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=40629, status=webp_bigger
etag
"5ba24d11-9eb5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb4b0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14880
Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f57a9438d1f4756f4ae1fe5710b489389a2bd3315f544c25218f21682e514fa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 11 Jul 2018 15:01:36 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=37198, status=webp_bigger
etag
"5b461bd0-914e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb4c0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12626
Captain-America-1-cover-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/Captain-America-1-cover-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a2ddb76f1fc75bcd261e77b00d8007564c1740855edc939a226afe2a9d1c61

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=31654
content-disposition
inline; filename="Captain-America-1-cover-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8496
cf-bgj
imgq:85,h2pri
last-modified
Wed, 04 Jul 2018 10:34:34 GMT
server
cloudflare
etag
"5b3ca2ba-7ba6"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb4d0b02-OSL
Bayonetta-3-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Bayonetta-3-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c0d51309ed3b00d274af942505dd1d847d031749c9d5da48685de7746a70c0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=27017
content-disposition
inline; filename="Bayonetta-3-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18314
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 03:32:13 GMT
server
cloudflare
etag
"634cccbd-6989"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb4e0b02-OSL
Bayonetta-3-controversy-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Bayonetta-3-controversy-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058d7c59d62bfd765b6e8b6de2612368118b326df45ae75b209f80dcc988fba2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=12593
content-disposition
inline; filename="Bayonetta-3-controversy-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9362
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Oct 2022 23:22:19 GMT
server
cloudflare
etag
"634c922b-3131"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb4f0b02-OSL
silent-hill-tv-series-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/silent-hill-tv-series-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac5624936c6753cecc0c839defb1b6d85664861de6d57c016bbed64d4d34fa1e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
71
cf-polished
qual=85, origFmt=jpeg, origSize=12160
content-disposition
inline; filename="silent-hill-tv-series-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9006
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Oct 2022 22:14:59 GMT
server
cloudflare
etag
"634c8263-2f80"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb510b02-OSL
UNDECEMBER-Screenshot-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/UNDECEMBER-Screenshot-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
557fbd54d2f7dad640163c328d5f8812b2cdd3fcf5b0e0240bbfa8daf4d86396

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=4686
content-disposition
inline; filename="UNDECEMBER-Screenshot-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2776
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 11:43:37 GMT
server
cloudflare
etag
"6347f9e9-124e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb520b02-OSL
Nintendo-Osaka-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Nintendo-Osaka-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d377d4655bac00143bed9eb5a77b6e42b51b4ef08c9beb9eff792f3bd2b9e4f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=9780
content-disposition
inline; filename="Nintendo-Osaka-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7328
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Oct 2022 00:17:33 GMT
server
cloudflare
etag
"6348aa9d-2634"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb530b02-OSL
Among-Us-VR-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Among-Us-VR-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efce1167bfa7986ff49c16eeeaeece62a3e9f705829e97885a1f53e8e6a3707

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=8774
content-disposition
inline; filename="Among-Us-VR-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Oct 2022 15:14:36 GMT
server
cloudflare
etag
"6346d9dc-2246"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb540b02-OSL
Pokemon-Iono-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Pokemon-Iono-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
733fabf50fb55cbe99e96c43cbfc47814539799a07dc71db58c81572bbec2d37

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=8994
content-disposition
inline; filename="Pokemon-Iono-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6874
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 01:08:26 GMT
server
cloudflare
etag
"6347650a-2322"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb560b02-OSL
Chloe-Grace-Moretz-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Chloe-Grace-Moretz-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a7db562fb13eee614f11a3cdae116fe7c3e0006dd13a0142da5173bb107901

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=6300
content-disposition
inline; filename="Chloe-Grace-Moretz-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3778
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Oct 2022 02:47:53 GMT
server
cloudflare
etag
"63477c59-189c"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb570b02-OSL
UNDECEMBERHeaderJPG-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/UNDECEMBERHeaderJPG-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330aca3434953f81f77e04046b0ef17298e84ce808f0a051aaba8e956320a4a1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=7821
content-disposition
inline; filename="UNDECEMBERHeaderJPG-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3864
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Oct 2022 15:15:05 GMT
server
cloudflare
etag
"6346d9f9-1e8d"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb590b02-OSL
Splatoon-3-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Splatoon-3-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73812e57136681708334ad8ba2a99156fed80bd1d9969d7d300ad9733fd0253

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 05 Oct 2022 05:04:38 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=15830, status=webp_bigger
etag
"633d1066-3dd6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb5a0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11400
Overwatch-2-Junker-Queen-Command-Shout-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Overwatch-2-Junker-Queen-Command-Shout-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99168b29ca0e1449918a1b50f7394365cb38dfa622b55fe2e5f993bbecb3db0b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=7715
content-disposition
inline; filename="Overwatch-2-Junker-Queen-Command-Shout-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6892
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Oct 2022 16:35:55 GMT
server
cloudflare
etag
"633c60eb-1e23"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb5b0b02-OSL
potion-permit-feature-image-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/potion-permit-feature-image-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892fca9247bb47d68b34153f59af473c71e1e16d05d61a94f212432387820867

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=13164
content-disposition
inline; filename="potion-permit-feature-image-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10348
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Sep 2022 02:59:54 GMT
server
cloudflare
etag
"632d212a-336c"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb5c0b02-OSL
HYPERDEMON-Key-Art-4k-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/HYPERDEMON-Key-Art-4k-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a72b52b794a68531921569f3a375efdec00fc6268489f7d3f9a774dcce73429

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=20623
content-disposition
inline; filename="HYPERDEMON-Key-Art-4k-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5870
cf-bgj
imgq:85,h2pri
last-modified
Tue, 20 Sep 2022 17:26:30 GMT
server
cloudflare
etag
"6329f7c6-508f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb5d0b02-OSL
Pac-Man-World-Re-Pac-Screenshot-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Pac-Man-World-Re-Pac-Screenshot-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008e90273db880727fb65b4722d49f4fc0fde84c28f8317e8ba2a61047091838

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=7023
content-disposition
inline; filename="Pac-Man-World-Re-Pac-Screenshot-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6224
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Sep 2022 16:24:12 GMT
server
cloudflare
etag
"6320aeac-1b6f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb5e0b02-OSL
soul-hackers-2-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/soul-hackers-2-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0250bae94c192308b056716908e76fe160797b10dbfe697796ce894411cbeb5c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=11187
content-disposition
inline; filename="soul-hackers-2-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9298
cf-bgj
imgq:85,h2pri
last-modified
Tue, 30 Aug 2022 01:07:02 GMT
server
cloudflare
etag
"630d62b6-2bb3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb5f0b02-OSL
Rings-of-Power-The-Stranger-adjusted-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Rings-of-Power-The-Stranger-adjusted-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2882d3646622afcd0d69bab5f09673279172f1c3b29e446cb92649b0a9ea5fcd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=55153
content-disposition
inline; filename="Rings-of-Power-The-Stranger-adjusted-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51560
cf-bgj
imgq:85,h2pri
last-modified
Sun, 25 Sep 2022 10:55:46 GMT
server
cloudflare
etag
"633033b2-d771"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb600b02-OSL
A-Memory-of-Light-Cover-325x190.jpeg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/A-Memory-of-Light-Cover-325x190.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af9508d25e68d849a04b63411eb788a15aabd08a9eb90660288f6a5cd13cb2f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=14958
content-disposition
inline; filename="A-Memory-of-Light-Cover-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13972
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Oct 2022 21:15:45 GMT
server
cloudflare
etag
"63409701-3a6e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb610b02-OSL
rhys-ifans-as-otto-hightower-hbo-house-of-the-dragon.jpg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/rhys-ifans-as-otto-hightower-hbo-house-of-the-dragon.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fabef2a71a1fbb1a908065e2e241e163b8ec00dbdf2a098f6f0411a49546dd4e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=861127
content-disposition
inline; filename="rhys-ifans-as-otto-hightower-hbo-house-of-the-dragon.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115310
cf-bgj
imgq:85,h2pri
last-modified
Thu, 05 May 2022 16:43:54 GMT
server
cloudflare
etag
"6273feca-d23c7"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb620b02-OSL
joseph-quinn-stranger-things-4-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/joseph-quinn-stranger-things-4-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71abefcd78fd68407e04fd621bb160475930018d8104a0c974c3f47d5ece6e9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
origFmt=png, origSize=59123
content-disposition
inline; filename="joseph-quinn-stranger-things-4-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41838
cf-bgj
imgq:85,h2pri
last-modified
Wed, 21 Sep 2022 21:05:15 GMT
server
cloudflare
etag
"632b7c8b-e6f3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb630b02-OSL
better-call-saul-finale-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/better-call-saul-finale-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f131db63a90ae82dd1bab101e28d3c98e7aa9bf80cd472ca81d471343fd87e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=40901
content-disposition
inline; filename="better-call-saul-finale-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33928
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Aug 2022 17:33:11 GMT
server
cloudflare
etag
"62fa8357-9fc5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb640b02-OSL
image-88-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/image-88-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402c6f58539c3a7ce25b7840fc56a2d3f1abf33c8c47522bcec5b7aa04adb2a9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=12483
content-disposition
inline; filename="image-88-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8948
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 Aug 2022 02:28:08 GMT
server
cloudflare
etag
"62f46938-30c3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb650b02-OSL
tobey-maguire-spider-man.jpeg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/tobey-maguire-spider-man.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554ac4187cd25e38d24ec4368d204b0a09356998613445af097e374520865e9f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=250974
content-disposition
inline; filename="tobey-maguire-spider-man.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
88088
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 May 2022 18:17:36 GMT
server
cloudflare
etag
"627171c0-3d45e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb660b02-OSL
The-Batman-movie-header-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/03/The-Batman-movie-header-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e145e91c2c1cc72d1f75aa5249b9f04909852fdf994b9ecc66af952c49e82bac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=9144
content-disposition
inline; filename="The-Batman-movie-header-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6872
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Mar 2022 08:25:22 GMT
server
cloudflare
etag
"623441f2-23b8"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb670b02-OSL
image-12-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/image-12-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b3b300b17657e70b69a9e12d4f798e6cd85acb4d92e14335d2d653b58e8cba4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=9087
content-disposition
inline; filename="image-12-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8496
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Jan 2022 17:24:09 GMT
server
cloudflare
etag
"61d482b9-237f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb680b02-OSL
godfather-50th-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/godfather-50th-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f047d63f14b397d1bf98dab0f94870d11d4b93a84e3e4be46c1a3a116afc1c3f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=6927
content-disposition
inline; filename="godfather-50th-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6038
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jan 2022 16:45:27 GMT
server
cloudflare
etag
"61e05727-1b0f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb690b02-OSL
batman-beyond-header-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/07/batman-beyond-header-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7dcfb7bad66bf0f7e45cebfeeae58e48916a9d7d38884eda50236fb812c338

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=27843
content-disposition
inline; filename="batman-beyond-header-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7424
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Jul 2019 22:25:10 GMT
server
cloudflare
etag
"5d3b7dc6-6cc3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb6a0b02-OSL
Wonder-Woman-Bloodlines-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/10/Wonder-Woman-Bloodlines-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79c43f0651fdf6be32a15cd88006afb7001389fbb3252b44436fa189951d8a0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=24841
content-disposition
inline; filename="Wonder-Woman-Bloodlines-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5974
cf-bgj
imgq:85,h2pri
last-modified
Sun, 13 Oct 2019 21:49:04 GMT
server
cloudflare
etag
"5da39bd0-6109"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb6b0b02-OSL
supernatural-season-14-photos-125-e1567958111388-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/09/supernatural-season-14-photos-125-e1567958111388-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453b57830935e21f0f2cf183955c5cd69170129b3b7aef9e6caf1fc1676b703d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
age
69
cf-polished
qual=85, origFmt=jpeg, origSize=25836
content-disposition
inline; filename="supernatural-season-14-photos-125-e1567958111388-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6784
cf-bgj
imgq:85,h2pri
last-modified
Sun, 08 Sep 2019 15:55:16 GMT
server
cloudflare
etag
"5d752464-64ec"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb6c0b02-OSL
flash-season-5-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/10/flash-season-5-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97bf6db89407367c816ade62e16ffed0ffba15c978f5475c2fcb3f3649f3b0d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sat, 06 Oct 2018 20:00:06 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=32283, status=webp_bigger
etag
"5bb91446-7e1b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb6e0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10203
Untitled-9-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/08/Untitled-9-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df8ad781bd81d499199eb98969eee75d738957c5d1b4a8d4c9812fd0a57a60f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 21 Aug 2019 01:17:45 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=28605, status=webp_bigger
etag
"5d5c9bb9-6fbd"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb700b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8249
GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.08491752-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.08491752-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9955e19568508a719db26d8693da8ca6273a5fc2c06b6cd9e8eca8bb2807318

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sat, 21 Jul 2018 14:03:28 GMT
server
cloudflare
age
69
cf-polished
degrade=85, origSize=30880, status=webp_bigger
etag
"5b533d30-78a0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb710b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9952
ajax-loader.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
69
cf-polished
origSize=1737, status=webp_bigger
etag
"6282e35f-6c9"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443deb720b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1669
imagesloaded.min.js
wegotthiscovered.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
1837
etag
W/"6050cbfa-15fd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443daaac0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-ias.js
wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/jquery-ias.js?ver=1.0.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cab7a2588ee09da94299ab1b8c38adacec9e8622e21c01c98e134d7910fa0b8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 07 Aug 2015 18:19:11 GMT
server
cloudflare
age
1837
etag
W/"55c4f69f-137f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443dbab90b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
face3-infinite-scroll.functions.js
wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/js/ 		586 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/js/face3-infinite-scroll.functions.js?ver=1.0.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5b55ff805d5e4c854c5ab9a9bfe23335fa48df78b79e45334d792507d674d2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 24 Aug 2015 18:49:25 GMT
server
cloudflare
age
4575
cf-polished
origSize=686
etag
W/"55db6735-2ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443dbabb0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.zoom.min.js
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/jquery.zoom.min.js?ver=1.7.18
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36888c04868ad973127198ca39debe974bd10d13871eeb44dd7931319d58c88b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2016 14:28:36 GMT
server
cloudflare
age
1837
etag
W/"57d2c714-a09"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443dbabc0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wgtc-gallery.js
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/wgtc-gallery.js?ver=3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb6dac496818e5be7cd90e371c56c47f61030000872520d6cadc7f345cd5e6f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jan 2022 00:23:20 GMT
server
cloudflare
age
5601
cf-polished
origSize=10788
etag
W/"61db7c78-2a24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443dbabd0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie.min.js
wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/ 		2 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/cookie.min.js?ver=3.14.1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 04:47:07 GMT
server
cloudflare
age
5601
etag
W/"62d788cb-690"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443dbabe0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.countdown.min.js
wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/jquery.countdown.min.js?ver=2.2.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 04:47:07 GMT
server
cloudflare
age
1836
etag
W/"62d788cb-14db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443dbabf0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hurrytimer.js
wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/hurrytimer.js?ver=2.7.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b48f22bba68355b3e14e2b1b5815459852ff24e2865405bf6d25404bfcb2995

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 20 Jul 2022 04:47:07 GMT
server
cloudflare
age
1836
cf-polished
origSize=28615
etag
W/"62d788cb-6fc7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaec0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wgtc-gallery.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		2 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/wgtc-gallery.js?ver=0.1.8
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db12238e10df0181b6a1a1d65f4b889a70fecfdaea11d7d166781fa0f15bfbab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=4018
etag
W/"6282e35f-fb2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaed0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.ba-hashchange.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		1 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery.ba-hashchange.min.js?ver=1.3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83525f16ff835fe5758be6f531ecd5e4efdce465f5935de044f1625a8d0d7b3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
etag
W/"6282e35f-5f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaee0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
95c39c3cfa3b86b13a2758d6001727a9f6198240b95c703c854184ab8c49ca52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 07:19:33 GMT
content-md5
gBkSb6ZSBN5gSYxg5JCLvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
FOBWk0/nDXA7i6mbpF6fK6yOB0obpsNzieZwwE6kvtZR/IUBNOlCNPPK+YbmRqUTLjbY6uJ0rJqKKH2BY3NQ9A==
x-fb-trip-id
2050670934
x-fb-content-md5
a44a2fa845c5c0a422fd09c777663eda
cross-origin-opener-policy
same-origin-allow-popups
etag
"d4d3369fb2b69cce1af77235c1e418f3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Mon, 17 Oct 2022 07:33:52 GMT
main.js
wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/main.js?ver=3.18.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Jul 2022 02:24:35 GMT
server
cloudflare
age
1836
cf-polished
origSize=6293
etag
W/"62e344e3-1895"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaef0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popup.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/popup.js?v=2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=6341
etag
W/"6282e35f-18c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf00b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.cookie.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.cookie.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=1838
etag
W/"6282e35f-72e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf10b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.tweet.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.tweet.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=14391
etag
W/"6282e35f-3837"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf20b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.localscroll.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.localscroll.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
5600
cf-polished
origSize=1552
etag
W/"6282e35f-610"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf30b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		3 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=4102
etag
W/"6282e35f-1006"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
75b7443deaf40b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
search.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		554 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/search.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=720
etag
W/"6282e35f-2d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf50b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.js?=4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
cf-polished
origSize=65727
etag
W/"6282e35f-100bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf70b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lazyload.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/lazyload.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
etag
W/"6282e35f-d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf80b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.jcarousel-core.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.jcarousel-core.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
etag
W/"6282e35f-4435"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deaf90b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.viewport.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.viewport.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1836
etag
W/"6282e35f-4b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deafa0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
b626e525becd9c321151bee2d4e9e70fcf7873f4418c3fcf92359fddf0cf51fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 07:19:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14973
x-xss-protection
0
server
sffe
etag
"0c6fa01c90d735ce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 17 Oct 2022 07:19:33 GMT
face3.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		3 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/face3.js?v=4.90
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
5600
cf-polished
origSize=5006
etag
W/"6282e35f-138e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deafb0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
selectivizr-min.js
cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/selectivizr-min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
992018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2152
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-12e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BxQRenjnkF5jlyM0nj4ghnkR%2B5hFJNMEFfJah8NZyAm4Ivlm6tNpIzeSzbGo5QoS1e6dlW%2FXL0y7ehUjl%2FzKpmQLsdgQMYkhyWQum2POAJR%2BNAuFwNTxn5l3DrVVWYgtfd6rZkk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75b74440081eb4f7-OSL
expires
Sat, 07 Oct 2023 07:19:33 GMT
modernizr-1.7.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/modernizr-1.7.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5924487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3215
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-233d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3N0DNEEz87I9oTjx%2FOXqGXV3kpAwqpkZ8dWOWQYpXCLUoQCHuxHnbk1GC0JRKj7gfIjPM45CxzZJcUwgTp0JEOiytpznkQIWkouUxnFGnFi37e4z2fpGJY64rGPsaJjwTiF%2FXX2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75b744400821b4f7-OSL
expires
Sat, 07 Oct 2023 07:19:33 GMT
114526X1684673.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684673.skimlinks.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10b9d688509666bd9712e877a397c9ea8354cf3725397f7d41cee8be1371829d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 08:52:23 GMT
server
AmazonS3
x-amz-request-id
GR8JHK7X1J34TVVE
etag
"38e23d336c5a4e230698b2c54d1268e4"
x-hw
1665991172.cds230.sk1.hn,1665991172.cds231.sk1.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18866
x-amz-id-2
3unduIdiQYxHoJ3frLUH3Y1whvQkhPWpB3+2T0mTt4l+T+28bznh0Yox+gGGqhFh6CrradicBbk=
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.47.230 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
75b744414b1fb4eb-OSL
gtm.js
www.googletagmanager.com/ 		220 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c8344323654a094820e67585d0c4216cb97746f06e4e7b8acd7ee803a8fba010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75080
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:19:33 GMT
wegotthiscovered.min.js
global.proper.io/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/wegotthiscovered.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2c5471459209ba7d7a8390ea9ef631be7d4baa8791c6720efe9f9cbb9d2040

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2022 15:49:32 GMT
server
cloudflare
age
2302163
etag
W/"6329e10c-8ea8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
75b74442bf86b527-OSL
expires
Mon, 17 Oct 2022 07:24:33 GMT
plow.lite.js
wegotthiscovered.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/plow.lite.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 13 Jan 2022 02:22:01 GMT
server
cloudflare
age
1835
cf-polished
origSize=38821
etag
W/"61df8cc9-97a5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75b7443deb740b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
web-vitals.iife.js
unpkg.com/web-vitals@3.0.3/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.0.3/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.0.3/dist/web-vitals.iife.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
104.16.123.175 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1083475
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEJ3PQRDYDJN1MEB9KW035GF-fra
server
cloudflare
etag
W/"1a22-hgiiFG7C7LJYmxvR7SzubSsy+G8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75b74443280c0b02-OSL

Redirect headers

date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GFJCFQ99JESR0BBHN63PPM26-ams
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
526
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.0.3/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
75b74442cfb20b02-OSL
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.19.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-19-89.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:43:27 GMT
content-encoding
gzip
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
FRA56-P7
age
2165
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
hrslVNlxWIhioerAJb4ox-Q8dj2oJ1rjhgLMA_SCa0HWJ9rwN8780g==
expires
Mon, 17 Oct 2022 08:43:27 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 02:19:20 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
18015
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
zf8OlWBkZtESAidbwgw3rAHgrV3YV8i5eRBqrBXZ2QJvGITinjSfFg==
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 19 May 2022 07:56:04 GMT
Content-Encoding
gzip
Via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P1
Age
13044210
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
MMgOHnUkPRqfcOVR3Oef7d_tVttbixY7pypJCVQ0lQvLXaVn3xhMew==
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 07:19:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Ldej69okTOSXT3ld2Xc37LEoL4YssvLj3aN3cm6K/3wHo7nS9u3qPZ98ECHp39kJnR7oc7K2irZOiDAEGad8/g==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
superficialeyes.com/ 		603 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
6c02fccef5dabd5a437aca1de220214645fb8f8a247dbd7802b85e7b909e2b59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 17 Oct 2022 07:19:33 GMT
x-datacenter
gce-europe-west1
etag
"3cdbd06b6c7660cbd9c5fbe303e703c1e89af0f15eb7883b3060520b4c93d528"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
661392823
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
terrifictooth.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
2aed8ce4cd0453720b1275a7cb826a00d9871349b904e012994099c39592e9f1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Mon, 17 Oct 2022 07:19:33 GMT
x-datacenter
gce-europe-west1
etag
"54651aabe4cbf7d2e4c4dec29b202a48785eda6d8764f34406337136780b4adc"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
661392823
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 19:23:35 GMT
server
cloudflare
age
2404942
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
75b7443dbab60b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17928
expires
Tue, 12 Sep 2023 21:49:44 GMT
wgtc.woff2
wegotthiscovered.com/wp-content/themes/wgtc_v2/font/icons/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wgtc_v2/font/icons/wgtc.woff2?15410951
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jul 2021 07:55:59 GMT
server
cloudflare
age
3347
etag
"60dec68f-10d0"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b7443dbab70b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4304
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
cloudflare
age
2404942
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
75b7443dbab80b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14964
expires
Tue, 12 Sep 2023 21:34:54 GMT
main-sprite.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/main-sprite.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
1458
etag
W/"6282e35f-1e33"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
75b7443deb750b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
cloudflare
age
2404942
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
75b7443deb780b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16324
expires
Wed, 13 Sep 2023 22:18:59 GMT
House-of-the-Dragon-episode-10-preview.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/House-of-the-Dragon-episode-10-preview.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f515ee2f35036e7e375e60d77a4839fab41037ff1d047c4fc05bbef2fcb02364

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 02:19:42 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=389865
etag
"634cbbbe-5f2e9"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="House-of-the-Dragon-episode-10-preview.webp"
accept-ranges
bytes
cf-ray
75b7443e1b7a0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41160
Kanye-and-Donald-Trump-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Kanye-and-Donald-Trump-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4df0308d725f61662a563021da50bc21873865d0173500bd024009caba0694

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 01:30:43 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=16855
etag
"634cb043-41d7"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="Kanye-and-Donald-Trump-325x190.webp"
accept-ranges
bytes
cf-ray
75b7443e1b7b0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13884
markiplier-onlyfans-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/markiplier-onlyfans-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ae53daeae089ba7965b0f90aa6b4cf96481b1059c9b2d17f7bbe0f83692472

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 01:15:41 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=12224
etag
"634cacbd-2fc0"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="markiplier-onlyfans-325x190.webp"
accept-ranges
bytes
cf-ray
75b7443e1b7c0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6586
halloween-ends-box-office-1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/halloween-ends-box-office-1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f403824565ad03f738fc442bd35d4ea60e66e55db9e0aaa8c97533a1a87b57a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 00:52:01 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=16431
etag
"634ca731-402f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="halloween-ends-box-office-1-325x190.webp"
accept-ranges
bytes
cf-ray
75b7443e1b7d0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13708
emily-blunt-fantastic-four-john-krasinski-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/emily-blunt-fantastic-four-john-krasinski-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938986e52476bcf4aaee36477f436632149e842ad418d656afbe6d5d50b9a48d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Oct 2022 03:01:44 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=15143
etag
"634cc598-3b27"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="emily-blunt-fantastic-four-john-krasinski-325x190.webp"
accept-ranges
bytes
cf-ray
75b7443e1b7e0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11320
1323107-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1323107-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb66eb068d2656736193ffde588cb648145440e89dc5673f793c0249dafc11e9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Oct 2022 23:39:03 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=13953
etag
"634c9617-3681"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="1323107-featured-320x165.webp"
accept-ranges
bytes
cf-ray
75b7443e4b980b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10286
1318053-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1318053-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0ab89ac7f1a776cd6fbc92b90634b825b9794b13d255b6a49140091ffbd8496

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Oct 2022 23:38:58 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=16491
etag
"6345fe92-406b"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="1318053-featured-320x165.webp"
accept-ranges
bytes
cf-ray
75b7443e4b990b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13862
1321578-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1321578-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d277594d46cc2ed755905a4b6b428c171b80ac509a4bb929aea2595226939abe

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:32 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Oct 2022 12:56:08 GMT
server
cloudflare
cf-polished
qual=85, origFmt=jpeg, origSize=13148
etag
"634bff68-335c"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="1321578-featured-320x165.webp"
accept-ranges
bytes
cf-ray
75b7443e4b9a0b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11320
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 17 Oct 2022 07:19:33 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
03dd40e604c49507f73a0e574a059acf
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ 		2 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
e9629cff691bc85ffdc61a14d85d4ac5
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
r.skimresources.com/api/ 		149 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
5e20a6b4029146676ea4405b3f92a2e033cbe3aac6f7ba0b5d3a54256bc252b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame 50AF 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9822833504905488
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=9.511908709552037
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=9.511908709552037
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE-713 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
NO
cdn-requestid
12c9a0d11eda017a035c4f6fe6c63f5a
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Mon, 17 Oct 2022 07:19:33 GMT
server
BunnyCDN-DE-713
x-bl
0
content.html
hb.vntsm.io/ 		32 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.142 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
cf-cache-status
HIT
x-amz-request-id
4CWY9VJYA1EENH42
age
6668
content-length
32
x-amz-id-2
KtJXTSWkE9FKfnrz5q38JOcPnL8hJzIpMGlqqj/EYAOzGipDyIIE0Y1yqNGqDakVnjfbs5y+RbA=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b744437afb98f0-ARN
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE-713 /
Resource Hash
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
ref_url
aHR0cHM6Ly93ZWdvdHRoaXNjb3ZlcmVkLmNvbS8=

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
cdn-edgestorageid
713
cdn-cachedat
10/11/2022 14:11:16
cdn-pullzone
131999
last-modified
Wed, 29 Jun 2022 12:35:47 GMT
server
BunnyCDN-DE-713
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"c73b6e4cf93f120c13d96afbf7dd90d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
607c12c81f78bd3a2deaed6c21242422
cdn-requestcountrycode
NO
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
all.js
connect.facebook.net/en_US/ 		302 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=634d494630a8534d74fc51b4ce51a906
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=5.9.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
5d1705c7320deef14d27fb8787a05bee8aa18d56f3ee76623660d2e0aae3245b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 07:19:33 GMT
content-md5
7E++VfBeNfT9fdTRJJj2VA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86777
x-fb-rlafr
0
x-fb-debug
NF34tzau3pDYZoBz6so8qW7sDi+x049aIDvmaoqMF6K4BQyJBJqhbvtfwbd4o9Ul3yQ3GWYgwhJu5AuEh/ci8g==
x-fb-trip-id
917726464
x-fb-content-md5
89fbb2b56a41ff339c7818ac914da74f
cross-origin-opener-policy
same-origin-allow-popups
etag
"ee88030333b136224ecac2d0531ac689"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 17 Oct 2023 06:17:33 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		171 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=wegotthiscovered.com&domain=wegotthiscovered.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
130
x-served-by
cache-bma1644-BMA
x-timer
S1665991174.710853,VS0,VE96
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 15 Oct 2022 07:19:33 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wegotthiscovered.com&p=%2F&u=CTwAafkkPs_LbPWB&d=wegotthiscovered.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10056&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3489&t=C6szToBx2VYUBUuroxCv4mEiDxw5Ju&V=136&i=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&tz=0&sn=1&sv=DBGKG8BXoZXVDI0AjTS2_5U3ai52&sd=1&im=067b0fff&_
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.55.69 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-55-69.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
29d0154b2d1b0ff73fc58de7dfc7836a6fc02cd6b329fcdb413873e15dc06cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75459
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 17 Oct 2022 07:19:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 07:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
216
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 17 Oct 2022 09:15:57 GMT
pubads_impl_2022101002.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131337
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 16:09:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Oct 2023 07:10:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		436 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6a2e81445d96198a101d10b8e84f27f0d5e393efe23ef8c18514a6369ff5f0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
expires
Mon, 17 Oct 2022 07:19:34 GMT
226866098399083
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/226866098399083?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
593fc58f2450af33765b141b31dbd1ad98e24f9482dfdad2a0ac2181988c11ff
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 07:19:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85932
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
GsJQIlUHsNCU9WzLdR+mZAl3UY6l4M2ALLsnF22AYDTjk9/y0+FCjYK5P8a+Z/nCG9ogGG0JZs3QehF/IZtGwg==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ajax-loader-2.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		613 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader-2.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
cf-polished
origSize=673, status=webp_bigger
etag
"6282e35f-2a1"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75b74443e8a20b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
613
carousel-ctrls.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		750 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/carousel-ctrls.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
etag
W/"6282e35f-2ee"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
75b74443f8a80b02-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-74.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 04:07:00 GMT
x-amz-cf-pop
DUS51-P2
age
12149
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
QbyrdKmMHFQTyYn4ICFGRAGwiU9nPd9fkwCLTDst8rp4Y89lih3vFA==
page
t.skimresources.com/api/v2/ 		22 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 		352 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
85630d06eeee4dd3b42a5acb3b36d88c074c1f730826560a9b262c8694f046d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118619
x-xss-protection
0
server
cafe
etag
17234746553751320622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Oct 2022 07:19:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame B4D9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
75533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 10:20:41 GMT
etag
9671129459699598864
expires
Sun, 30 Oct 2022 10:20:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
optimize.js
www.googleoptimize.com/ 		104 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T7VG35Z
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
6016274a403f6bdabe82cad8d6e58ba42417b104f61a317e883127ca89a6767a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41684
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 07:19:34 GMT
cgl7jat8wh
www.clarity.ms/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e703ada3c86166f1d759fb794f9d256117c842223b68af1d3e96a17479c1e687

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 17 Oct 2022 07:19:33 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0BgJNYwAAAACwMz56iYkES5BpbuNrVf5+U1ZHMjBFREdFMDUxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
px.gif
ad-delivery.net/ 		43 B
934 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2233475
x-guploader-uploadid
ADPycdv6b6kmEwmBA9JNVMZlEStolszknZZ4zXHBdAJ4TICv3n9v7B0iu4TkzZXFS2uRqKQLQjYpIRv-WhrNrj31AYN-3I0G7pLE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji6ux7sIRRWaEnzRXH3I%2BF1BYy5qAI31Qoy4MnvDElAPJhW6J8fHbJwleFfbYnPfnDEBEPxsuYCzFs5D9UQWgbvFgNRcHL%2By4AvTne0TTTDTAkT63nR6DFO5et%2FL869cxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
75b744459c5fb4f3-OSL
expires
Wed, 21 Sep 2022 11:46:01 GMT
latest.js
global.proper.io/payloads/ 		535 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/wegotthiscovered.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d555fca392acd5f6ff71bc19574806ab99899cb73c48cd0a20fe43c469e219ec

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 22:22:20 GMT
server
cloudflare
age
993218
etag
W/"63361a9c-85d06"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
75b744433ff8b527-OSL
expires
Mon, 17 Oct 2022 07:24:33 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=1.4940562097762025
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
AP6Y0EYH2J6S6GAN
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75b744434806b527-OSL
content-length
842
x-amz-id-2
fixqPJT3sOMSHa0NgdE8of4Mb5bJsBCwgtg3il60ovydakO7bCoAzwQafVbDE7nJ9ZC68Kt6Cao=
expires
Mon, 17 Oct 2022 11:19:33 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=1.4940562097762025
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
AP6X8SH1SFV8MGXX
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75b744434805b527-OSL
content-length
842
x-amz-id-2
XhEG0aqnIFEioMEYXlTGpuxfaTaGD8RkVz1cmXoC3rZQoxPDOJY2o5dQH/WkWv0EixHn8iSs1b4=
expires
Mon, 17 Oct 2022 11:19:34 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1665991173632&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=1400705280&sess_cookie=e6d5b0bb183e4cfe60049ba2743&sess_cookie_flag=1&user_cookie=e6d5b0bb183e4cfe60049ba2743&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-81.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 02:09:36 GMT
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
18598
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
x-amzn-internal-status
206
X-Amz-Cf-Id
PZRwywX4GvgcD3ysfHP9l04U9MNrB37FSYtI-a5JIkKoPGXBEC_1Bg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.222.102.2 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-222-102-2.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
server
Server
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 24 Oct 2022 07:19:34 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:05:44 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
831
x-amz-server-side-encryption
AES256
etag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
UGz-mYjNj-qF3t4iXslTmaUpuH1n2luIc2guny7pjEOVDro4rCvYQQ==
merge
ce.lijit.com/ 		0
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=263069&3pid=613ccf2b-104a-47e3-8359-b3eb18fcde46&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D%5BSOVRNID%5D&&callback=window.proper_50a6db8c_14e42236_1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:34 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"
usersync
usync.proper.io/v1/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D&&callback=window.proper_edb0c162_05...
  • https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=85771e22-245e-4bd9-a348-d2c57530031e&gdpr=&gdpr_consent=&us_privacy=
181 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=85771e22-245e-4bd9-a348-d2c57530031e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
34.208.107.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-107-239.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
df406c79fb8221135cb4e086d2efb95c5aab7ec98fe4026cb8d77c7c02edb89b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:19:34 GMT
server
nginx/1.18.0
content-length
181
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=85771e22-245e-4bd9-a348-d2c57530031e&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 17 Oct 2022 07:19:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D613ccf2b-104a-47e3-8359-b3eb18fcde46%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=fd40c209-fe0b-47c3-874a-27d345d44587
183 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=fd40c209-fe0b-47c3-874a-27d345d44587
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
34.208.107.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-107-239.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d467887618aebe445296aa912a3d16e90406208442b13d12bb6b9a94ba47d788

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:19:34 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=613ccf2b-104a-47e3-8359-b3eb18fcde46&uid=fd40c209-fe0b-47c3-874a-27d345d44587
Date
Mon, 17 Oct 2022 07:19:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
445.json
id5-sync.com/g/v2/ 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
3f326fd68ae8024a28ee8c1a343e7756a21c4a75a1c606d95a045d805874cb93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.176.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-176-167.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:34 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
main.js
player.propervideo.io/new_rtp/ 		125 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.propervideo.io/new_rtp/main.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.158.234 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Sep 2022 22:53:16 GMT
server
cloudflare
age
1080071
cf-polished
origSize=191558
etag
W/"6317cf5c-2ec46"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
75b744481b161c16-OSL
expires
Mon, 17 Oct 2022 07:24:34 GMT
collect
region1.analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oeaa0&_p=170619640&_gaz=1&cid=1146920510.1665991174&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665991173&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRDHJCSX1H&cid=1146920510.1665991174&gtm=2oeaa0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRDHJCSX1H&cid=1146920510.1665991174&gtm=2oeaa0&aip=1&z=1488031533
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378212&zone_id=2088034&size_id=15%3B2%3B15%3B15%3B15&alt_size_ids=2%3B%3B%3B%3B10&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=b025ad2f-28fa-4adb-a501-9b6553169cbc%3B6a78fd3c-bd6f-419f-9f3b-6f8fa6d8af25%3B4a82c349-034f-461b-934e-5a35bd4a7595%3Bccafcb63-2597-4bf5-92d8-c3d8b88094ed%3B89904f7f-c870-4a41-a4dc-2e6f109f12a5&p_screen_res=1600x1200&tg_fl.eid=2088034-4%3B2088034-5%3B2088034-1%3B2088034-2%3B2088034-3&rf=https%3A%2F%2Fwegotthiscovered.com%2F&x_source.pchain=proper.io%3A09983aa5-787b-11eb-8272-06ef03bc0096&ppuid=613ccf2b-104a-47e3-8359-b3eb18fcde46&eid_pubcid.org=613ccf2b-104a-47e3-8359-b3eb18fcde46%5E1&rp_schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&slots=5&rand=0.8491850086218333
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd16acf789ed09630a22c695b91001427d3151e59d58b274bcb37262a8e77e7d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:34 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
715
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		256 B
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222c7f33dec4dac1aef181%22%3A%222c7f33dec4dac1aef181%7C728x90%7C0.1%22%2C%22d3a5634c22c38b36c65c%22%3A%22d3a5634c22c38b36c65c%7C728x90%7C0.1%22%2C%22703655e503a7d7375380%22%3A%22703655e503a7d7375380%7C300x250%7C0.1%22%2C%22f9db147c25e11d5b246b%22%3A%22f9db147c25e11d5b246b%7C300x250%7C0.1%22%2C%228be984380e9d3e24214d%22%3A%228be984380e9d3e24214d%7C300x250%7C0.1%22%2C%22e75905403a42ff80ec58%22%3A%22e75905403a42ff80ec58%7C300x250%7C0.1%22%2C%22915ace92796b2155a77c%22%3A%22915ace92796b2155a77c%7C300x600%7C1%22%7D&ref=https%3A%2F%2Fwegotthiscovered.com%2F&s=4a1700c2-1960-4a5b-a17e-f5a4ef270c8b&pv=bafa01f6-01b0-46c8-947f-5295bb35265f&vp=desktop&lib_name=prebid&lib_v=7.6.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%22613ccf2b-104a-47e3-8359-b3eb18fcde46%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22613ccf2b-104a-47e3-8359-b3eb18fcde46%22%2C%22atype%22%3A1%7D%5D%7D%5D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0a5f33873437de5eb40785cd7faf4033b60e342d024720ffb51309572f4fe372
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-33
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
197
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dbdeba132ce046d3751be6c6f07a66665d6cce5d65930a48d158f4993d95c95a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dbdeba132ce046d3751be6c6f07a66665d6cce5d65930a48d158f4993d95c95a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dbdeba132ce046d3751be6c6f07a66665d6cce5d65930a48d158f4993d95c95a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dbdeba132ce046d3751be6c6f07a66665d6cce5d65930a48d158f4993d95c95a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dbdeba132ce046d3751be6c6f07a66665d6cce5d65930a48d158f4993d95c95a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
mvo
tag.1rx.io/rmp/251629/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251629/0/mvo?z=1r&hbv=7.6,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f6ebf5f0869db0aa265cb28fea5e4391cc521999013ea234b525595311feafa9

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
05cd57d49bb6781b9467d3ed82f61ab929963df6a8eaec63b7f18851b8640460

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
10e1d9583bec9aebae1231ed389de64660b8412c089e4f28a71baf310731992c

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7b74e863426ec6d947289cf82bef2c667ed3fa7ed1ae3f37e0541be87fcdccda

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a7ec2f9db815eb2a10ca811cc4c5e8e97db00d6ee58a328d6f0386a5a3ce2dcb

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a8b8a5e9-5430-4786-b6f6-2dca7b4f3d8a&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&nocache=1665991173849&auid=557731210&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c4d4c1aa-c954-483b-9f48-5359460c829e&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&nocache=1665991173850&auid=557731212&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.6.0&referrer=https%3A%2F%2Fwegotthiscovered.com%2F&tmax=550
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.202.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-202-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.6.0&cb=47111404034&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=52Yh7Ui7pc8ss6U6rL4I8hAR&bidId=52Yh7Ui7pc8ss6U6rL4I8hAR&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=613ccf2b-104a-47e3-8359-b3eb18fcde46&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22461e9726-0f2d-4fb3-bd95-e9d04b333e41%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.237.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-237-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=P0jqdJh1F5oblGVOhUmtzsOJ&bidId=P0jqdJh1F5oblGVOhUmtzsOJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=613ccf2b-104a-47e3-8359-b3eb18fcde46&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22461e9726-0f2d-4fb3-bd95-e9d04b333e41%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.237.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-237-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4odmH6fmUmDvYMQLfkysCZmO&bidId=4odmH6fmUmDvYMQLfkysCZmO&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=613ccf2b-104a-47e3-8359-b3eb18fcde46&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22461e9726-0f2d-4fb3-bd95-e9d04b333e41%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.237.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-237-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=d1yhXU1BdmCwBzRjjNpeSjw9&bidId=d1yhXU1BdmCwBzRjjNpeSjw9&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=613ccf2b-104a-47e3-8359-b3eb18fcde46&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22461e9726-0f2d-4fb3-bd95-e9d04b333e41%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.237.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-237-81.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.109.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-109-122.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 17 Oct 2022 07:19:34 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173860&t=mluwmihh&maxw=728&maxh=90&si=302235&bf=728x90&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
58cde63104e1a4f81ec9e8366bba27a717bf03d7201795a8430af0942fd9cac2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173860&t=mluwmihh&maxw=728&maxh=90&si=302236&bf=728x90&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2e0091f801faab4a606b65dc6f0ed1329f2f6648dd6cf1a760d67b467e376e6f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		988 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173860&t=mluwmihh&maxw=970&maxh=90&si=302229&bf=970x90&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c2cc373e3fbad2fae5232f296171808a0d633b056e68e8df237699ce6751cb52

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173861&t=mluwmihh&maxw=300&maxh=250&si=302230&bf=300x250&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ca0ccc7b7800ada7ed4c0880382e70db3660597b4d8be6043b4e3069fe3d8d77

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173861&t=mluwmihh&maxw=300&maxh=250&si=302231&bf=300x250&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8630fd5423bf681eeda0f8debba996c0bb23808b67e028c0c9733b2ee0a66545

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173861&t=mluwmihh&maxw=300&maxh=250&si=302232&bf=300x250&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9b65f9e6f8490065868d7799db46fdd7db35c4b9916bdbab632e801682e40bb1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173862&t=mluwmihh&maxw=300&maxh=250&si=302233&bf=300x250&fp=0.1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be7255d813685f0de1613223d8a60eceab095069fa83c62106bb98818faebf95

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1665991173862&t=mluwmihh&maxw=300&maxh=600&si=302223&bf=300x600&fp=1&fpc=USD&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.6.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Mon%20Oct%2017%202022%2007:19:33%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.190.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d3a529a2f55a2f0c02cf974f28028cd3a4948ed6486780d68f1496c6d2465b44

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		574 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61c77b92768b078cd57f475c17b015f28a52a040a1a503ab50611e1cb1ec2478
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 17 Oct 2022 07:19:34 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c6fd9421-d53f-4cfe-a208-2c745e84afa6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		45 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.6.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
f0b0df328f4beec729b564e3a3c894daaadb28185d2b91f33af880e35f671bcd

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
pod
X-Sovrn-Pod: ad_ap5ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
65
prebid
prebid.media.net/rtb/ 		1 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3617f59b95c68af5821319dc484e7de01b9c151942db516ce0e72b0113c79c2a

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		243 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ce630a87cafe7efd332eae170cd429cb853bdef76526391e26cfad6ae23c644b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:34 GMT
AN-X-Request-Uuid
2cd5470a-4123-46e3-be59-56894a1cd260
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
243
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1665991173867
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.149.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-149-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cygnus
htlb.casalemedia.com/ 		58 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=684068&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238d19001-1fb1-4bc4-9a7c-5ef07156d2aa%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-Ws6wJ%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-Ws6wJ%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-ePRmm%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-ePRmm%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22970x90-1-xj0iB%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-xj0iB%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22300x250-1-jX3No%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-jX3No%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-0uhol%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-0uhol%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-E4lS1%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-E4lS1%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-4-GDwek%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-GDwek%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-qNP6s%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-qNP6s%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22613ccf2b-104a-47e3-8359-b3eb18fcde46%22%7D%5D%7D%5D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22461e9726-0f2d-4fb3-bd95-e9d04b333e41%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c59268e8085c994d261e889135e1f2c218d1543430fc5bf1fea9c2497a3dd85

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5NF9b0W9M5en0SeIywP3h4auVQqyZxvQoppclI6oO5C1f3l2rWAPjQIsap6WtgF90S%2FhawP7g%2F7cOmHzzgt8m9hWdkmHI2C%2FWGXpXZK1v%2FjlvGhO6sHzTiTMeEnQC397s6UgNxt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75b744454a3f0b45-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		589 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.210 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
9a81f6a513f2d091d2e41d942bd51cf0eb2059fe2c7217702972b985b4f0a1b9

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
589
expires
0
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 17 Oct 2022 07:19:34 GMT
X-SpotX-Timing-SpotMarket-Primary
0.012527
X-SpotX-Timing-Transform
0.001723
X-SpotX-Timing-SpotMarket
0.058574
X-SpotX-Timing-Page-Require
0.000555
X-fe
117
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002891
X-SpotX-Timing-Page-Cookie
0.000031
X-SpotX-Timing-Page
0.066286
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000551
Last-Modified
Mon, 17 Oct 2022 07:19:34 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Exception
0.000000
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.046047
X-SpotX-Timing-Page-Mux
0.001943
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 17 Oct 2022 07:19:34 GMT
X-SpotX-Timing-SpotMarket-Primary
0.008413
X-SpotX-Timing-Transform
0.000260
X-SpotX-Timing-SpotMarket
0.074804
X-SpotX-Timing-Page-Require
0.000359
X-fe
097
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002575
X-SpotX-Timing-Page-Cookie
0.000022
X-SpotX-Timing-Page
0.079231
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000288
Last-Modified
Mon, 17 Oct 2022 07:19:34 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.066391
X-SpotX-Timing-Page-Mux
0.000910
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
arj
propermedia-d.openx.net/w/1.0/ 		73 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%7C728x90%7C300x250%7C300x250%7C300x250%2C300x600&auid=544108942%2C544108943%2C544108949%2C544108950%2C544108953&aumfs=100%2C100%2C100%2C100%2C100&dddid=49b7d73b-6eb2-4826-9d3e-d626f81df1d2%2C7fb43002-3d50-4d69-888c-22ef970ead15%2C27a38e77-022e-4ab4-8587-25b38732d316%2Ce97c3efa-4bfe-4be1-94c6-344a5197dac4%2Cd18ae17a-9653-461f-8915-00cf51a62559&divIds=openx-76f13792-4448-40e2-a77f-021da6f024e2%2Copenx-b82757e3-fbeb-4faf-a6ed-6ba2820d5f1c%2Copenx-a28edca5-8468-4595-af17-ece187d1456f%2Copenx-bf02c1f5-45c8-40ea-84bc-8151f462cb9e%2Copenx-706b7cbd-4834-49bc-b18a-9cc60072cead&be=1&bc=hb_pb_3.0.1&nocache=1665991173874&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&pubcid=613ccf2b-104a-47e3-8359-b3eb18fcde46
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
712136b0e2652dff75d2c0ed3eb2f4e316de8e58a1c26dfb66c23309ce8b50bf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/251630/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251630/0/mvo?z=1r&hbv=7.6,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid.json
reachms.bfmio.com/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.106.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-106-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
bid.json
reachms.bfmio.com/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.106.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-106-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
/
geo.privacymanager.io/ 		30 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
6d6cd1bc5c5f6f74a45d532bd75e3fa3ba2bf68de66d8f7d3e4b55a3e5f00576

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 01:12:31 GMT
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
22023
x-amzn-requestid
339aebb3-3798-4d0c-b4a5-24d51c3871df
x-amzn-trace-id
Root=1-634cabff-51524ec574b99d60284037ce;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
aH_P4Gz4DoEFYKg=
content-length
30
x-amz-cf-id
9vXsTKidYAj53ZMsoAF2dxJ2v4MwEyRTQuQ24625HVx3RgattMfMtA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=PageView&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1665991173902&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1665991173901.1854948234&it=1665991173382&coo=false&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 07:19:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
acv.json
superficialeyes.com/ 		81 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 17 Oct 2022 07:19:34 GMT
x-buildnumber
661392823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 10 Oct 2022 19:43:57 GMT
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.js
static.adsafeprotected.com/ 		17 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
21057691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
c4nPPk1lwRDCdk3f7DKRXiEhvEw0hzk63RYp8AY9bk0nBSGPsZNOtQ==
collect
www.google-analytics.com/j/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=170619640&t=pageview&_s=1&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABQAAAACAAI~&jid=227925136&gjid=1961261023&cid=1146920510.1665991174&tid=UA-17178859-1&_gid=230528678.1665991174&_r=1&gtm=2ouaa0&z=631433094
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=170619640&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABQAAAACAAI~&jid=&gjid=&cid=1146920510.1665991174&tid=UA-17178859-1&_gid=230528678.1665991174&gtm=2ouaa0&z=842944026
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 02:19:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17979
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 02:41:26 GMT
x-amz-cf-pop
FRA56-P6
age
16877
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LmhJOh14XJetZYi4RllygU8I4EI2YY1Bd1mpkYRtGyd0HvZTAg98Lw==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwegotthiscovered.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 01:44:11 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
20122
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1378
x-amz-cf-id
R-u6sxyn-PtXPo-zOIsliswZiLH9CPM_beAtDzsR9ZCK8VWMn00OSQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		214 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=KoyhKajNxoGjC&cb=0&ws=1600x1200&v=22.10.32118&t=550&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-230.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e44e09455a039215e492d806ab0bb302d322de38a7bc95f3e5398c78042be815
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
VFHGDJSNA9SVXQW7BM5J
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
214
x-amz-cf-id
LxY6jn7MoU6vO7AHvMtn6Wk4yderkZFy_S2nyz2_hMWxP-xonk9-Ag==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		214 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=KoyhKajNxoGjC&cb=1&ws=1600x1200&v=22.10.32118&t=550&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C461e9726-0f2d-4fb3-bd95-e9d04b333e41%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-230.fra50.r.cloudfront.net
Software
Server /
Resource Hash
aa87f164c753fcd9ff3025f95a937a6f7009046c1bcffe1fe714f2b03ccf3648
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
7K3W1BCMPQRPF8QQREA9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
214
x-amz-cf-id
PMFOIDuXgWcHPXDYT-mrhQCzFCvnAsbESqIQ_UWV-kCloY-wy4Lw0w==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Mon, 17 Oct 2022 07:34:34 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 00:50:36 GMT
content-encoding
gzip
via
1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
23339
x-amz-server-side-encryption
AES256
etag
W/"979a52ecf913f8004d0123a9b7ba2a05"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
QHooGhR_g8BO8Zoy33rIkDqLzqWoWLDoKCS0VZwHhfqWfD7N4yfS4w==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
NB2A206MY26ZNA92
age
2679
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75b74449aa0fb4f3-OSL
x-amz-id-2
xquZ6QoBGtIgECOlulfi9qoPm7v0WWNvgdo/gHYkJool7qqKRJv1p7VLfgECP96SCtmXrsRKKZg=
clarity.js
www.clarity.ms/eus2-c/s/0.6.42/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:33 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
"1d8de484d1af7d4"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
x-azure-ref
0BgJNYwAAAADAQPnydQuAT5l6VE425LFWU1ZHMjBFREdFMDUxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:44:09 GMT
content-encoding
gzip
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:52:56 GMT
server
AmazonS3
etag
W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
rSRbaeLtwW1MlQBIpzObSIdlzq7-uHkQwRtHBHnvXzr2XEoAWXGXMA==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=Microdata&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1665991174406&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22We%20Got%20This%20Covered%22%2C%22og%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22og%3Asite_name%22%3A%22We%20Got%20This%20Covered%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fwegotthiscovered.com%23Organization%22%2C%22name%22%3A%22We%20Got%20This%20Covered%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22sameAs%22%3A%5B%5D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2Fwp-content%2Fuploads%2F2022%2F03%2FWGTC-Featured-Image-Logo.png%22%2C%22width%22%3A%221200%22%2C%22height%22%3A%22675%22%7D%7D%5D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%3Fs%3D%7Bsearch_term_string%7D%26submit%3D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1665991173901.1854948234&it=1665991173382&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 07:19:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-17178859-1&cid=1146920510.1665991174&jid=227925136&gjid=1961261023&_gid=230528678.1665991174&_u=YADAAUAAQAAAACAAI~&z=640687038
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Oct 2022 07:19:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.202.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-202-27.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
x-server
10.45.11.164
access-control-allow-credentials
true
content-length
20
x-consent
absent
collect
i.clarity.ms/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:35 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
9822396
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
YHckn-W33hQH8Nh3Y5_xXM_OBuEQKtNmHgX6BaoNvfJAtTYNzZEOqQ==
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B7BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
47088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2973
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 18:14:47 GMT
expires
Mon, 16 Oct 2023 18:14:47 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ADTECH;v=2;cmd=bid;cors=yes
adserver.adtech.advertising.com/pubapi/3.0/1/977555.66/0/0/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adserver.adtech.advertising.com/pubapi/3.0/1/977555.66/0/0/ADTECH;v=2;cmd=bid;cors=yes
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
nel
{"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
server
awselb/2.0
report-to
{"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
iu3
aax-eu.amazon-adsystem.com/s/ Frame 91F6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
384 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
07b5544225f2af1fa86acc92b50d3ff50887b594493d3ceaa5379b9cdc0a6881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
384
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 17 Oct 2022 07:19:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZGFKSFW6Q122N31VYB28

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Oct 2022 07:19:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3T2QFQAC6HBS295HB4JW
liveView.php
live.primis.tech/live/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d8d141e2588d55caf64536a94190dda4a50ef888c3cba56a0600a0a6b290b1e8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
c6TXmftZ-PouvG2i-P_9OaZEgP-l5A31MqcnTNfkqWBQZbNMR_ut3g==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
25e3ac717642cb99a0785b006f493b8463e9e5f9bd9dce2add3a86cd9ef1ba1d

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
7c64a2e50e17df0de764f7d3ed69a5852bcc5c2bc6367f5e4854a1c10a850ea4

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:35 GMT
content-length
34
vary
Origin
content-type
application/json
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1665991173601&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=1169&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
iYcSz7uO7oIgHpmu56AVP6JGK3YkTMX_OIAMjBYJyGSFGZz5pgKAig==
x-cache
Miss from cloudfront
cookie.js
partner.googleadservices.com/gampad/ 		407 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wegotthiscovered.com&callback=_gfp_s_&client=ca-pub-9356934496955375&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a40de02ac15a36a562d8b5364b884154d047e72cca6ce0a4c887d7d69dbf737c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
integrator.js
adservice.google.no/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.no/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwegotthiscovered.com%2F&tn=DIV&id=mainHeader&cls=header%20sticky&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C74A 		0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1665991174&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665991173551&bpp=6&bdt=1441&idt=1048&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2706020275387&frm=20&pv=2&ga_vid=1146920510.1665991174&ga_sid=1665991175&ga_hid=170619640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531706&oid=2&pvsid=3271238232573634&tmod=649120664&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Mon, 17 Oct 2022 07:19:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		593 B
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3271238232573634&correlator=751340872440442&eid=31070117%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22723339152%2Cwegotthiscovered.com%2Cwegotthiscovered_pskin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=3269287658&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1665991174805&lmt=1665991174&dlt=1665991172109&idt=1812&adxs=55&adys=80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=1600x1600&msz=1490x0&fws=0&ohw=0&ga_vid=1146920510.1665991174&ga_sid=1665991175&ga_hid=170619640&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
fc12b7cb49c152a52b1a3a29fc12fef3101c7e54ecf620d9c18387bdf316e7d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 569F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Tue, 17 Oct 2023 07:19:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s2s
eb.proper.io/ 		367 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38af84288c6a60c461f6cf4cbe518f766c05705602ffc9e31124902bdefb7a62

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:504
cf-ray
75b7444ac83cb527-OSL
expires
-1
pixel;r=2077928928;labels=type.article%2Ctitle.We%20Got%20This%20Covered;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=1;fpa=P0-918389762-1665991174904;pbc=;ns=0;ce=1;...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2077928928;labels=type.article%2Ctitle.We%20Got%20This%20Covered;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=1;fpa=P0-918389762-1665991174904;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;us_privacy=1---;ref=;d=wegotthiscovered.com;dst=0;et=1665991174904;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.We%20Got%20This%20Covered%2Cdescription.All%20the%20latest%20news%252C%20trailers%20%26%20reviews%20for%20movies%252C%20video%20games%252C%20music%20and%20TV%252E%2Curl.https%3A%2F%2Fwegotthiscovered%252Ecom%2F%2Csite_name.We%20Got%20This%20Covered;ses=3da55278-96e0-47c2-ad47-e31aee633b88
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Oct 2022 07:19:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3271238232573634&correlator=3782736774496708&eid=31070117%2C44775318&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfcd=0&iu_parts=5376056%3A143457427%2Cwegotthiscovered_side_1%2Cdynamic_1%2Cwegotthiscovered_sticky_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3&prev_iu_szs=1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C728x90%7C970x90%7C320x50%7C300x50&ifi=3&adks=3702255727%2C2087247537&sfv=1-0-38&fsapi=false&prev_scp=proper_slot%3D2.01%26proper_floor%3D0.10%26refresh_count%3D0%7Cproper_slot%3D20%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26category%3D%26split_version%3D17597%26proper_site%3Dwegotthiscovered%26proper_page%3D1%26s_depth%3D1%26tags%3Dhome-page&ppid=613ccf2b-104a-47e3-8359-b3eb18fcde46&sc=1&cookie=ID%3D3363e59df3579081-2278478c48ce009c%3AT%3D1665991174%3ART%3D1665991174%3AS%3DALNI_Ma3MC3WuUjeypOUn00YL4rFiGJgGQ&gpic=UID%3D00000b7461aede65%3AT%3D1665991174%3ART%3D1665991174%3AS%3DALNI_MbfIn3R4DLL5Gr7wtV6fDQCk2Vm9w&arp=1&abxe=1&dt=1665991175096&lmt=1665991175&dlt=1665991172109&idt=1812&adxs=1049%2C-12245933&adys=875%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=302x-1%7C0x-1&msz=300x-1%7C0x-1&fws=516%2C640&ohw=342%2C0&ga_vid=1146920510.1665991174&ga_sid=1665991175&ga_hid=170619640&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4632a5bb144ed6611182211786fc7993b0528bb8f51fa36a1bdbb1da8510381d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16244
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 6404 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c17b56f8d87f80bcbf15ec1adbf2f801a4ce4fc2de2fae6d67597a1ec1a152b3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3290
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 17 Oct 2022 07:19:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
61DQPVSJBZ5FYKCR412D
445.json
id5-sync.com/g/v2/ 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b19c60fa43cb401e392a7df755e73ebf9947ffd6f43e978893a39cfe0f7e74ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
liveView.php
live.primis.tech/live/ Frame 2978 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
19097fa904822558caf987e8aff8661d00f55af1e78c4512bcf62c7ff9ca8cb0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
QJZasCmjvLmPQnsfiDw-fJnKbmB5o6Eqq0LmDenGoK6dVq9lIsF9fA==
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6404
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=fd40c209-fe0b-47c3-874a-27d345d44587
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=fd40c209-fe0b-47c3-874a-27d345d44587
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
655BH3ZGY6ER5ZK3WV7Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=fd40c209-fe0b-47c3-874a-27d345d44587
Date
Mon, 17 Oct 2022 07:19:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6404
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3089927759418831000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3089927759418831000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BT1T006QE281EJRG9G6Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3089927759418831000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 17 Oct 2022 07:19:35 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6404
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=75b303cd
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=75b303cd
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2GYHY5HKKQ1SAZV9SK4B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 17 Oct 2022 07:19:35 GMT
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=75b303cd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
STaNicYhFiD1XB-6Lgjy4-6nHYKrZdB8xbCvQ0ty2IyNjaerKkMjWw==
/
onetag-sys.com/match/ Frame 6404 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6404
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8ENEPFFRF24HKZG08P62
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
88
Content-Type
text/html; charset=utf-8
amzns2s
rtb.gumgum.com/usync/ Frame 0796 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.178.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-178-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af016586aec330dd4780cb337a771e77965798a265773f55105e77e6a3b57d6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 17 Oct 2022 07:19:35 GMT
etag
W/"095450baf6c72c79309f9e168e5b57c34"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 755E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8662027f2d18a06c77dfb505e1ce31999817ea9d380aeb81c47b38019bda843

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b7444f3d7ab524-OSL
content-encoding
br
content-type
text/html
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW7981vFIA7anxWhhypjp2LmZKhcmLGecMClfrPXMKiqQ%2F8ior%2BRbdJSPeb9WvC5lA6vGA7ToEdb%2B9Tis7mMciH7HnIhSoe9v0ld%2BA7avXHguhM8T0Hs9S65XdhCIKfcocM2wHs1LJx%2Buw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b7444e885db512-OSL
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A3cxUPQuOqxg7FJMC2oZqWF6picraH%2BoZY4hzxnPLCATxKZSWYLmMqPY3WSw84y3txifvzpkwtEz%2FSEmqa%2Fi7uYzK7tVCWl5psoo42NjafO3KJ2CAv1Q6arkmBdIR7zpmKgAGF111KbvA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BEB9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3710936749595118862
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3710936749595118862
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
E537SSH2VTX7DT2EN8FK

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3710936749595118862
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8CA0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111604
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:19:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 18 Oct 2022 14:19:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 88D6 		915 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.64.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-64-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1aace6d8444e3be8f862828dbfc5c12226caae6b6251d08a461d681d25045b86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 17 Oct 2022 07:19:35 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 4E0F 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:19:35 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B2D0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1vVmJWelJGRTJ1S1BqamNkNl9HRnV5aE1wT2QuU0pheH5B&
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1vVmJWelJGRTJ1S1BqamNkNl9HRnV5aE1wT2QuU0pheH5B&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0SWN4T8BV5H6YWZEDEM9

Redirect headers

age
0
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1vVmJWelJGRTJ1S1BqamNkNl9HRnV5aE1wT2QuU0pheH5B&
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
amazon
ap.lijit.com/beacon/ Frame F555
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
bc0161ac646d29d227691fa974edb1c45866e3e11c16954c2f923d8a9576f57e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
1131
content-type
text/html
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pod
X-Sovrn-Pod: ad_ap5ams1
pragma
no-cache

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
p3p
CP="CUR ADM OUR NOR STA NID"
pod
X-Sovrn-Pod: ad_ap5ams1
pragma
no-cache
getuid
eb2.3lift.com/ Frame 6910 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 17 Oct 2022 07:19:35 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 2978 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
vKe6WPKG1TuD6NaBizpvQ1DQPYnf3V8Dfhoj9TrGP6M2cVbM8OnEBA==
expires
Tue, 17 Oct 2023 07:19:35 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 2978 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
bNaC62uT9AWaC7Q9ixS-9ygCASdTAHc9Qawc4vFhYnhQ_8NZ8hDuAQ==
expires
Tue, 17 Oct 2023 07:19:35 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 2978 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
C6F5TMyBxUb2pMmVxt3ktXNu05VCpLtymIx6j2Z6N2wvO-HXt0LIyA==
expires
Tue, 17 Oct 2023 07:19:35 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 2978 		258 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
ZGekNkmlgVv03MrNwV56nzCXKqVNBcExCxT-8h00Q9ethqdBKwmvlg==
expires
Tue, 17 Oct 2023 07:19:35 GMT
prebidVid.6.18.0_15.min.js
live.primis.tech/content/prebid/ Frame 2978 		512 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a7f30e418e25a2d6f77cadc8a1476981548b1eb0e153c5d48280348dd8c77051

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 17:00:27 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"6303b62b-7fe72"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
bBMkFICrDzBMaNmrjBVWqBDZfpBjLSA7BF7QCeB32nLq5oDb3wuxnw==
expires
Tue, 17 Oct 2023 07:19:35 GMT
liveVideo.php
live.primis.tech/live/ Frame 2978 		612 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1665991175&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
2da2ffa6e2de6d8e2cdc2ef2051e0f3a26fb76d6400c0d988ba7a036a81957a2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
jt5ZpXHG9CjjS1FVUu8i-1s-_nCcTlllJvZwLLpvm36T9xnDzfk72w==
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:35 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F555 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=Ffq3tPZHgUrRqnBqQ1CbWjkK&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GE7F2PF596Q2DRZAYW62
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame F555 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F555
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmZxM3RQWkhnVXJScW5CcVExQ2JXamtL&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmZxM3RQWkhnVXJScW5CcVExQ2JXamtL&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Oct 2022 07:19:35 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RmZxM3RQWkhnVXJScW5CcVExQ2JXamtL&gdpr=0
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame F555
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAMkN07GmgQAACC9prZjfA&gdpr=0
43 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAMkN07GmgQAACC9prZjfA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAMkN07GmgQAACC9prZjfA&gdpr=0
Date
Mon, 17 Oct 2022 07:19:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame F555
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5124322323441471753
0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5124322323441471753
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5124322323441471753
Date
Mon, 17 Oct 2022 07:19:35 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
amazon
ap.lijit.com/beacon/ Frame F555 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon/amazon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6707861486997632952
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6707861486997632952
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
AN-X-Request-Uuid
4b48da0b-d577-4dad-9a2d-a4ecf82cfba8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=6707861486997632952
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5f02736b-84f1-4d1a-98e5-26b5034ea202&gdpr=&gdpr_consent=&us_privacy=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=fd40c209-fe0b-47c3-874a-27d345d44587
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=fd40c209-fe0b-47c3-874a-27d345d44587
  • https://usersync.gumgum.com/usersync?b=bsw&i=fd40c209-fe0b-47c3-874a-27d345d44587
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=fd40c209-fe0b-47c3-874a-27d345d44587
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=fd40c209-fe0b-47c3-874a-27d345d44587
Date
Mon, 17 Oct 2022 07:19:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 0796
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28mYp-eV-H2jazLP7aoj9WdqdhzyVPjahM4XuGa6HAPxMQNy3djVuJZ7N81Vp5CqH8%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5f02736b-84f1-4d1a-98e5-26b5034ea202&obuid=ENC(mYp-eV-H2jazLP7aoj9WdqdhzyVPjahM4XuGa6HAPxMQNy3djVuJZ7N81Vp5CqH8)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=Rxv13bX84CQbZMPwfucR&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=Rxv13bX84CQbZMPwfucR&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:37 GMT
Cache-Control
no-cache
X-TraceId
902f8e2e92d118a7fe12e1b383faf8d0
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=Rxv13bX84CQbZMPwfucR&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT, Mon, 17 Oct 2022 07:19:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0796 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fc783da8-c1c9-4378-4a1c-1ecea9692f9d$ip$178.255.148.172
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fc783da8-c1c9-4378-4a1c-1ecea9692f9d$ip$178.255.148.172
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fc783da8-c1c9-4378-4a1c-1ecea9692f9d$ip$178.255.148.172
Date
Mon, 17 Oct 2022 07:19:36 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-knYImaBE2pel6Nb.zyBCJplaXvFa0vRw5Jpj~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-knYImaBE2pel6Nb.zyBCJplaXvFa0vRw5Jpj~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-knYImaBE2pel6Nb.zyBCJplaXvFa0vRw5Jpj~A
content-length
0
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=60b6a5aa-9fb2-40f7-8e5d-9111aabb026b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=60b6a5aa-9fb2-40f7-8e5d-9111aabb026b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=60b6a5aa-9fb2-40f7-8e5d-9111aabb026b
Date
Mon, 17 Oct 2022 07:19:36 GMT
Connection
keep-alive
X-CI-RTID
896e02a3-def1-4768-9180-ea0f9d7a6826
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 0796 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
506049668
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 0796 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5f02736b-84f1-4d1a-98e5-26b5034ea202&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=47e86614-5e44-428d-b6eb-6ec5b1af9d5d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=47e86614-5e44-428d-b6eb-6ec5b1af9d5d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=47e86614-5e44-428d-b6eb-6ec5b1af9d5d
access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:19:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 0796
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1665991176152
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4878863135
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4878863135
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
etag
RXccd1c137dc4544af80f0076d1511f213003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4878863135
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=gsCglYhOqayW&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=gsCglYhOqayW&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=gsCglYhOqayW&ev=1&pid=558355
content-language
no-NO
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-lgqw9
expires
-1
usersync
usersync.gumgum.com/ Frame 0796
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7257882633351935861
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7257882633351935861
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7257882633351935861
date
Mon, 17 Oct 2022 07:19:35 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0796 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_5f02736b-84f1-4d1a-98e5-26b5034ea202
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8J4EXR2W1Q617DPPT0YR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame FB7E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=15ef634d-0208-4900-81d7-51cff97ccef3&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=15ef634d-0208-4900-81d7-51cff97ccef3&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:36 GMT
Expires
Mon, 17 Oct 2022 07:19:35 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x21 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=15ef634d-0208-4900-81d7-51cff97ccef3&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 6AA1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW
  • https://usersync.gumgum.com/usersync?b=atm&i=Y00CBwAAALFipQAW&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y00CBwAAALFipQAW&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y00CBwAAALFipQAW&gdpr=&gdpr_consent=&_test=Y00CBwAAALFipQAW
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-bma1620-BMA
x-timer
S1665991176.883236,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 45EF 		170 B
502 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81ZjAyNzM2Yi04NGYxLTRkMWEtOThlNS0yNmI1MDM0ZWEyMDI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 467D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111604
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:19:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 18 Oct 2022 14:19:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6350 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 17 Oct 2022 07:19:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame BB2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
0
content-type
text/html
date
Mon, 17 Oct 2022 07:19:35 GMT
usersync
usersync.gumgum.com/ Frame 2D6B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y00CCMCo5ukAAP.-eRIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y00CCMCo5ukAAP.-eRIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Oct 2022 07:19:36 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y00CCMCo5ukAAP.-eRIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
28
X-SO-HostName
a-ad40202.dc2p.scaleout.jp
X-SO-IP
178.255.148.172
X-SO-Key
Y00CCMCo5ukAAP.-eRIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":28,"gdpr":true,"ipv4":"0.0.0.0","key":"Y00CCMCo5ukAAP.-eRIAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40202"}
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40202
usersync
usersync.gumgum.com/ Frame CA1F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y00CB57oA85I5ypaqBa9wwAA%264378
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y00CB57oA85I5ypaqBa9wwAA%264378
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b7444fadefb524-OSL
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y00CB57oA85I5ypaqBa9wwAA%264378
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td3khvF%2Bo6IA%2FGxVlkVXZ4OoQPrzER1FU6E4LXpc7y7t6Huk1ZSmsh0SX222He3Loau1jtV%2BwUzMJFJeY%2BSUUchK5KzloBd%2FOcc6F2zo7XzP3eJaUOuPHnx0I7gfyG7y22%2BPB6TVtfRFOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 4FDA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=Rxv13bX84CQbZMPwfucR&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Rxv13bX84CQbZMPwfucR&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Oct 2022 07:19:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT Mon, 17 Oct 2022 07:19:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Rxv13bX84CQbZMPwfucR&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame BA1D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:19:35 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Oct 2022 07:19:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 88D6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=ym.com&id=gd82111b01bd0c5cc36e
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3QR60ATYAJT9KD2BPH9V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
current
yieldmo-match.dotomi.com/match/bounce/ Frame 88D6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.201 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sync
ads.yieldmo.com/v000/ Frame 88D6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.170.205.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-205-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
76
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/v000/ Frame 88D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=6707861486997632952&pn_id=an
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=6707861486997632952&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.170.205.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-205-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
AN-X-Request-Uuid
11cb32de-b5d5-45a3-9c54-bfa57156a707
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.yieldmo.com/v000/sync?userid=6707861486997632952&pn_id=an
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 88D6
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=16187c8e-675a-42ea-9ea1-b23851e32350&gdpr=&gdpr_pd=&gdpr_consent=
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=16187c8e-675a-42ea-9ea1-b23851e32350&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.170.205.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-205-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=16187c8e-675a-42ea-9ea1-b23851e32350&gdpr=&gdpr_pd=&gdpr_consent=
Date
Mon, 17 Oct 2022 07:19:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/ Frame 88D6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=6m46KvFESVp5zXQKTox9vrL_lKw&gdpr=&gdpr_consent=
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=6m46KvFESVp5zXQKTox9vrL_lKw&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.170.205.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-205-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=6m46KvFESVp5zXQKTox9vrL_lKw&gdpr=&gdpr_consent=
Date
Mon, 17 Oct 2022 07:19:36 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
dcm
s.amazon-adsystem.com/ Frame 755E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E1C7N9K0RANWFWZ2S4PN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 755E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 755E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOh4z323h_EYOSF97aVxvjY&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOh4z323h_EYOSF97aVxvjY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlL9VY0Tr5i1GiZE2n2wTwL7pvNUhzb65nZ8ZQECQ1c%2F1xlnHQxNGxrSlTRi9Kxg9N8wHK%2BG7Zeqeejkg%2FV00P7X4rjpxmTKDaITLM6vmUWt9RbjyR7c8LQyJcgkBe4uRcYZoPKu9gDNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75b744513801b524-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOh4z323h_EYOSF97aVxvjY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 755E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y00CB57oA85I5ypaqBa9wwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
r.casalemedia.com/ Frame 755E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=ba227bfe-5d39-4173-94e1-dd417e697074-634d0207-4e4f&gdpr=0&gdpr_consent=
date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
rum
dsum.casalemedia.com/ Frame 755E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=fd40c209-fe0b-47c3-874a-27d345d44587
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=fd40c209-fe0b-47c3-874a-27d345d44587
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=fd40c209-fe0b-47c3-874a-27d345d44587
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=fd40c209-fe0b-47c3-874a-27d345d44587
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=fd40c209-fe0b-47c3-874a-27d345d44587
Date
Mon, 17 Oct 2022 07:19:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 755E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y00CB57oA85I5ypaqBa9wwAAERoAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.242.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-242-74.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame 755E 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.197.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-197-120.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 755E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B9BYM2QEFYV06TX4A7Y6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v2ijhppuHG1kyP8ckCVmactExGBYKnR60AgBtdPlscYf_OhJIsKb4EAZysztWrKnZ33uctvyT
superficialeyes.com/ 		191 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2ijhppuHG1kyP8ckCVmactExGBYKnR60AgBtdPlscYf_OhJIsKb4EAZysztWrKnZ33uctvyT
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
79e62d29fefb53795ce1a8d02e8cfb8d181991a72fedb60974f451680d1bc03a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 17 Oct 2022 07:19:36 GMT
via
1.1 google
x-buildnumber
661392823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 17 Oct 2022 07:19:34 GMT
usync.js
eus.rubiconproject.com/ Frame 4E0F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27531
Connection
keep-alive
Content-Length
9421
Expires
Mon, 17 Oct 2022 14:58:26 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"620367f6-465a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
77a-MOsnV29yJiK3f7FR7e1ALm25oUvZfjswJxNtf2J0pnFsN1SNSA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2978 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:05:44 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
832
x-amz-server-side-encryption
AES256
etag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
WIkVvl6z6P634fTb2bp3DFc2fW_SwMxH_HoOwoRbT1tRQV3cYwkarQ==
css
fonts.googleapis.com/ Frame AA85 		2 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:02:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 07:19:36 GMT
css
fonts.googleapis.com/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:40:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 07:19:36 GMT
analytics.js
s.srvmath.com/2/697322/ Frame 2978 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&c5=&si=29569&pc=108034&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d3ef5a5d8f3acdc11f245e42e76c96efecc31d90b4c69e4c8d5556f2692fd591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2788
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B782 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111604
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:19:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 18 Oct 2022 14:19:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame C6C9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=94&advUuid=0cd0eb1c-4dec-11ed-a8d0-1dbc55590006
0
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=94&advUuid=0cd0eb1c-4dec-11ed-a8d0-1dbc55590006
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Oct 2022 07:19:35 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
vary
Accept-Encoding
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-id
5jT6X0udiEbceUNnQtkfDSj9TEfn-2_gDevpp2c69_fPwNhoy2R2Zw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 17 Oct 2022 07:19:35 GMT
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=94&advUuid=0cd0eb1c-4dec-11ed-a8d0-1dbc55590006
Server
nginx
X-fe
23
cm
u.openx.net/w/1.0/ Frame A266 		43 B
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
liveView.php
live.primis.tech/live/ Frame 2978 		35 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMmA5NTQyMxZ2nWRyo182MWFwZTZvMwxlYwp3Mwp5Nmp5Nwt5JTJGqzyxNwMlY2ZvNTU4YTVxMmMjOTM4NTQlNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHcNRGfkTxM5MzFXUzkvMTtlTVqGnycUWzyNnzg5WWcwM01dYmVOrzM1TzcaNUjmWaBnRFy6TW1OoVydVTFPR0UkWxRNrx1En3cPRFUjTWcZqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dWTFPRFxmTzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTzcZq05dVXyOREFLZyEhqmJOT3ZnoDBdQmBuqx9bOEYkOTyIoGuKSXxlYWNFZUcNRXBEQ3qeomyuQSZ2nWRsY29hqGVhqF9cZD0lNTM0MTplJaZcZF9wo250ZW50X2Ryp2M9U21uoGjeRGV0YWyfplgZo3UeTWymp2VxK0yhK0FhZG9lK0VjnXNiZGVmKmEgMlZ2nWRsY29hqGVhqF90nXRfZT1ToWFfoCgEZXRunWkmK1yiqSgNnXNmZWQeSW4eQW5xo3IeRXBcp29xZXMeMS0mJaZcZF9wo250ZW50X2R1pzF0nW9hPTQ0NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTYjMCZ5PTQjMCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMjMxQmMTM3NUYmMTMjN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNmIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmNGQjMwA3NTFuZzYzY2J1p3Rypw0kNwY1OTxkMTp1NmU4JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
bc92c2167eb936b5d5231d4d81429b5aa66c67505b0803555f594aa724cb1d16

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
6042
x-amz-cf-id
4fxne7dGzwoPuF6eR_7baWLGU-RWuDC42-_4346xOIUnr9eZ0sJN-Q==
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY2NTx5MTE3NSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmEmMDJEMmEmNmVGMmEmMDqEN0I3MmMkMmYmNwM1MmQmNDMlMmt3RDqCNDMmMwMkMmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MTp4LwI1NS4kNDthMTplJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNv4jLwUlNDxhMTE5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmRxMDIjNmUkYWZzJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NwU5OTEkNmU3NDxzqWyxPVNyn2yhZG9TUGkurWVlNwM0ZDAlMDp2ZDImNvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
XDzaYP90fH_7gOVsNqoxyXqFt6QCC3OgoNGqr2Z1IsBfkveyFl7Z8Q==
sync
x.bidswitch.net/ Frame 2978 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.157.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-157-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
csync.loopme.me/ Frame 2978 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b744532ed8b511-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
liveCS.php
live.primis.tech/live/ Frame 2978
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=99&advUuid=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=99&advUuid=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
NKebWV_4VrInOHdFiRJAZURKxNs4U_f-uqM45mlIqTwZA8Ga6CcfDg==

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2%2FUMmBtQHvYblRw7fOaJr3iIXpFq7ZkZPhcPOAriVrNdL9rBIhMGEJ9MiPOAzUNxs8KzSFTbEnS5AKliPQfWcXvt1qcLnjLTmqIZGXP8Ie5s%2BVCcq3NTYIFl8pvey6%2BJOMo%2FZ72r6F7Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=99&advUuid=Y00CB57oA85I5ypaqBa9wwAAERoAAAIB
cache-control
no-cache
cf-ray
75b74450df8eb524-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
getuid
eb2.3lift.com/ Frame 2978 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 2978 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
liveCS.php
live.primis.tech/live/ Frame 2978
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58627/occ
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-BN9y7QBE2u...
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-BN9y7QBE2uFdJuyPogQ5TE0GoKsaU.DmY2EBR34-~A&advUuid=y-BN9y7QBE2uFdJuyPogQ5TE0GoKsaU.DmY2EBR34-~A
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
_b50Y9qsyxnFE2UHrpeDz6UPc5RUh3PV9bFsmkCbnSTJZMWYw7II7w==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-BN9y7QBE2uFdJuyPogQ5TE0GoKsaU.DmY2EBR34-~A&advUuid=y-BN9y7QBE2uFdJuyPogQ5TE0GoKsaU.DmY2EBR34-~A
date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
1
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
liveCS.php
live.primis.tech/live/ Frame 2978
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=105&advUuid=6707861486997632952
0
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=105&advUuid=6707861486997632952
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
v2sM1Q5RBDcR0tYJjNPd33vSxhVwjY5ITfmWumwYuAWmrqeKlMd3Tw==

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
AN-X-Request-Uuid
11884251-4342-4f6b-a531-852253c90780
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=&advId=105&advUuid=6707861486997632952
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify
mb9eo.publishers.tremorhub.com/pubsync/ Frame 2978
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intent...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
54.81.173.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-173-34.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 17 Oct 2022 07:19:36 GMT
server
Apache-Coyote/1.1
content-type
image/gif

Redirect headers

location
pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date
Mon, 17 Oct 2022 07:19:36 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
liveCS.php
live.primis.tech/live/ Frame 2978
Redirect Chain
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=634d020751aff&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3Dhttps%253A%252F%252...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...
0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
xP8ajFeO_kLZ11OQ1gMiD4F1l0F2RTUB-p1KyEHPlUf2nuvp8c5qgg==

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:35 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=634d020751aff&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 17 Oct 2022 07:19:35 GMT
pixel
ap.lijit.com/ Frame 2978 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D634d020751aff%26pixel%3D%26advId%3D130%26advUuid%3D%24UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Oct 2022 07:19:35 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap5ams1
access-control-allow-methods
GET, POST, DELETE, PUT
liveCS.php
live.primis.tech/live/ Frame 2978
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...
0
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D14ee1d767274c6f439a51aab8aa60b2&advId=134&advUuid=14ee1d767274c6f439a51aab8aa60b2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
w5z8aYHlMi6Q8eMCeWtWaMCgWN5Y7BtSQttTixSKxBhhxtlKA9FZAA==

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D14ee1d767274c6f439a51aab8aa60b2&advId=134&advUuid=14ee1d767274c6f439a51aab8aa60b2
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1665991176034019-510
Expires
Mon, 17 Oct 2022 07:19:36 GMT
liveCS.php
live.primis.tech/live/ Frame 2978
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofi...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D2136778551%...
0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D2136778551%263rdpcid%3D3ecec759-cbc4-45f2-b4a6-da9db333e415&advId=138&advUuid=3ecec759-cbc4-45f2-b4a6-da9db333e415
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
AiPnZpFKfEsKsC2kbCSl7QawPFDMKHWrzK1Ev1YFDGUm41SCySQLJA==

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D2136778551%263rdpcid%3D3ecec759-cbc4-45f2-b4a6-da9db333e415&advId=138&advUuid=3ecec759-cbc4-45f2-b4a6-da9db333e415
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame 2978 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
content-length
0
vid632cfb558a5d3309385426.jpg
video.primis.tech/uploads/cn13/video/users/converted/30954/video_61ace6b292b77279779689/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/30954/video_61ace6b292b77279779689/vid632cfb558a5d3309385426.jpg?cbuster=1663893923
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
b6722b1b54d5fcfc1d98924d899a5274c100985fe20e098ef8b3f1459e42d082

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 14:21:07 GMT
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, AMS1-C1
age
61108
x-cache
Hit from cloudfront
content-length
13504
last-modified
Fri, 23 Sep 2022 00:46:54 GMT
server
nginx
etag
"d70fe0ac4e78b834c425f3275dcb910d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
uNoLXYuwbElbK8QEktyb02RdeEFA89mWXn6SkhU_j1fHKtQhc9AWJA==
expires
Mon, 17 Oct 2022 14:21:07 GMT
liveView.php
live.primis.tech/live/ Frame 2978 		65 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMmA5NTQyMxZ2nWRyo182MWFwZTZvMwxlYwp3Mwp5Nmp5Nwt5JTJGqzyxNwMlY2ZvNTU4YTVxMmMjOTM4NTQlNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHcNRGfkTxM5MzFXUzkvMTtlTVqGnycUWzyNnzg5WWcwM01dYmVOrzM1TzcaNUjmWaBnRFy6TW1OoVydVTFPR0UkWxRNrx1En3cPRFUjTWcZqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dWTFPRFxmTzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTzcZq05dVXyOREFLZyEhqmJOT3ZnoDBdQmBuqx9bOEYkOTyIoGuKSXxlYWNFZUcNRXBEQ3qeomyuQSZ2nWRsY29hqGVhqF9cZD0lNTM0MTplJaZcZF9wo250ZW50X2Ryp2M9U21uoGjeRGV0YWyfplgZo3UeTWymp2VxK0yhK0FhZG9lK0VjnXNiZGVmKmEgMlZ2nWRsY29hqGVhqF90nXRfZT1ToWFfoCgEZXRunWkmK1yiqSgNnXNmZWQeSW4eQW5xo3IeRXBcp29xZXMeMS0mJaZcZF9wo250ZW50X2R1pzF0nW9hPTQ0NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTp3NlZ5PTQmNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMjMxQmMTM3NUYmMTMjN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNmIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmNGQjMwA3NTFuZzYzY2J1p3Rypw0kNwY1OTxkMTp1ODEkJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
054a04406983d8a175156ba094ed8e14d48c53cc79a9092459517bb0c3bd8212

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
7684
x-amz-cf-id
hGvQqyaGR56rkgHj_V2ZFripsrf74h1henBSStXanvLSOCXfyDZtoQ==
liveView.php
live.primis.tech/live/ Frame 2978 		65 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMmA5NTQyMxZ2nWRyo182MWFwZTZvMwxlYwp3Mwp5Nmp5Nwt5JTJGqzyxNwMlY2ZvNTU4YTVxMmMjOTM4NTQlNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHcNRGfkTxM5MzFXUzkvMTtlTVqGnycUWzyNnzg5WWcwM01dYmVOrzM1TzcaNUjmWaBnRFy6TW1OoVydVTFPR0UkWxRNrx1En3cPRFUjTWcZqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dWTFPRFxmTzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTzcZq05dVXyOREFLZyEhqmJOT3ZnoDBdQmBuqx9bOEYkOTyIoGuKSXxlYWNFZUcNRXBEQ3qeomyuQSZ2nWRsY29hqGVhqF9cZD0lNTM0MTplJaZcZF9wo250ZW50X2Ryp2M9U21uoGjeRGV0YWyfplgZo3UeTWymp2VxK0yhK0FhZG9lK0VjnXNiZGVmKmEgMlZ2nWRsY29hqGVhqF90nXRfZT1ToWFfoCgEZXRunWkmK1yiqSgNnXNmZWQeSW4eQW5xo3IeRXBcp29xZXMeMS0mJaZcZF9wo250ZW50X2R1pzF0nW9hPTQ0NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTM0MCZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMjMxQmMTM3NUYmMTMjN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNmIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmNGQjMwA3NTFuZzYzY2J1p3Rypw0kNwY1OTxkMTp1ODElJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
5ff260fd162a9f0e75c20af800fae143c081f3c0e5a25c461fea3efa5c3aece5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
7673
x-amz-cf-id
G2uEMJD38NzCVBUhGl2xvTSm2Laks8xUhReRSkkGdgJ1szL0c0O4-A==
liveView.php
live.primis.tech/live/ Frame 2978 		41 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMmA5NTQyMxZ2nWRyo182MWFwZTZvMwxlYwp3Mwp5Nmp5Nwt5JTJGqzyxNwMlY2ZvNTU4YTVxMmMjOTM4NTQlNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHcNRGfkTxM5MzFXUzkvMTtlTVqGnycUWzyNnzg5WWcwM01dYmVOrzM1TzcaNUjmWaBnRFy6TW1OoVydVTFPR0UkWxRNrx1En3cPRFUjTWcZqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dWTFPRFxmTzcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTzcZq05dVXyOREFLZyEhqmJOT3ZnoDBdQmBuqx9bOEYkOTyIoGuKSXxlYWNFZUcNRXBEQ3qeomyuQSZ2nWRsY29hqGVhqF9cZD0lNTM0MTplJaZcZF9wo250ZW50X2Ryp2M9U21uoGjeRGV0YWyfplgZo3UeTWymp2VxK0yhK0FhZG9lK0VjnXNiZGVmKmEgMlZ2nWRsY29hqGVhqF90nXRfZT1ToWFfoCgEZXRunWkmK1yiqSgNnXNmZWQeSW4eQW5xo3IeRXBcp29xZXMeMS0mJaZcZF9wo250ZW50X2R1pzF0nW9hPTQ0NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTp3NlZ5PTQmNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMjMxQmMTM3NUYmMTMjN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNmIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmNGQjMwA3NTFuZzYzY2J1p3Rypw0kNwY1OTxkMTp1ODEmJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
403241b852418ca0a269ff09fc5591368857b0e6a0d53db60fdfe11d6f803b58

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
5915
x-amz-cf-id
IW8KdmyPgmUxCu6QaUKAMwAZDzh8Eld4nk9EUO-ASr8DqFntLP430Q==
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 18 Oct 2022 07:19:36 GMT
usync.js
eus.rubiconproject.com/ Frame BA1D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27531
Connection
keep-alive
Content-Length
9421
Expires
Mon, 17 Oct 2022 14:58:26 GMT
vid632cfb558a5d3309385426_thumb.jpg
video.primis.tech/uploads/cn13/video/users/converted/30954/video_61ace6b292b77279779689/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/30954/video_61ace6b292b77279779689/vid632cfb558a5d3309385426_thumb.jpg?cbuster=1663893923
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
facb80d5d3c350600cb817e27f00b0035d63ed77c51eac3cb86dcd25e3fd1918

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 01:17:57 GMT
via
1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified
Fri, 23 Sep 2022 00:46:55 GMT
server
nginx
x-amz-cf-pop
AMS54-C1, AMS1-C1
age
21699
etag
"84abe07c3785452991f061b9b6977a3a"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1900
x-amz-cf-id
LPsHYDtCVFddUf0vNvwKSqqRqXDq5iMIXEn91R18wFEdnsYlW7arGQ==
expires
Tue, 18 Oct 2022 01:17:57 GMT
vid634a12bbe0065572373832_thumb.jpg
video.primis.tech/uploads/cn10/video/users/converted/28243/video_5d5169d0c672c928090769/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn10/video/users/converted/28243/video_5d5169d0c672c928090769/vid634a12bbe0065572373832_thumb.jpg?cbuster=1665799929
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
01e06e58ea6abd3e14ae73dfe90f4a02101ce5095069b34b5cd2f2e67a49d62a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 03:50:12 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, AMS1-C1
age
12564
x-cache
Hit from cloudfront
content-length
2933
last-modified
Sat, 15 Oct 2022 02:29:52 GMT
server
nginx
etag
"63dd8aae8fdd9c85f80e3999ecbfd657"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
g_-zTPklt4CYQeQueVK1R56BpabHqrQKRlwqTzJvw98pnKyLN1XNFg==
expires
Tue, 18 Oct 2022 03:50:12 GMT
vid5e299118ea2af228525364_thumb.jpg
video.primis.tech/uploads/cn12/video/users/converted/25037/video_5e298475b0520840771277/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/25037/video_5e298475b0520840771277/vid5e299118ea2af228525364_thumb.jpg?cbuster=1579784167
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
9c3e558715da41b6c370c4135fc060f94b54168c714d276ebcc962501a1c1d35

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 03:29:12 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, AMS1-C1
age
13824
x-cache
Hit from cloudfront
content-length
3623
last-modified
Wed, 18 Aug 2021 17:41:58 GMT
server
nginx
etag
"7b77a8604c09ab36e0838cb05540579d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
hchyzfnG54W3UcSrc2t3LV_z_qMzEd8OcIWqPGvMZVZjgG3KxidS-g==
expires
Tue, 18 Oct 2022 03:29:12 GMT
vid62bc13a4d25c4452824484_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/27808/video_62a1b7d66de36243528596/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/27808/video_62a1b7d66de36243528596/vid62bc13a4d25c4452824484_thumb.jpg?cbuster=1656843075
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
ef2438a41c21a5b9dc27ad88d9a8da6ff8c781c946597c66c5001e146dfe38e9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 07:27:26 GMT
via
1.1 5e95d2e6aebe43cabd9dcdad89ad0a42.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1, AMS1-C1
age
85930
x-cache
Hit from cloudfront
content-length
1570
last-modified
Sun, 03 Jul 2022 10:11:16 GMT
server
nginx
etag
"b425e251e14716848c7696648a965b85"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
M_lHCH05oURPrUFfBK3tgLQ2m10CBD8he7A0CBO7oViGEAUW-HWS1A==
expires
Mon, 17 Oct 2022 07:27:26 GMT
vid6348d115027c2994835655_thumb.jpg
video.primis.tech/uploads/cn9/video/users/converted/25037/video_5b435e74b8e31660401154/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn9/video/users/converted/25037/video_5b435e74b8e31660401154/vid6348d115027c2994835655_thumb.jpg?cbuster=1665720530
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
509d215626c5e7b12302dc36b9f381defd270fb58818257b050c827bc7da37f3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 03:45:32 GMT
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, AMS1-C1
age
12843
x-cache
Hit from cloudfront
content-length
3755
last-modified
Fri, 14 Oct 2022 04:11:30 GMT
server
nginx
etag
"d5febb3e4daf2b2104c12aac88e368b6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
5T8TQ7fj069sRhXnx2xrWOrHa20NQIKjGDzUW1vHczrePer0uwdx9Q==
expires
Tue, 18 Oct 2022 03:45:32 GMT
vid634b20416567d439188010_thumb.jpg
video.primis.tech/uploads/cn11/video/users/converted/28243/video_5d5169d0c672c928090769/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn11/video/users/converted/28243/video_5d5169d0c672c928090769/vid634b20416567d439188010_thumb.jpg?cbuster=1665869001
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-39.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
ddb7f0433654edf2cc706e875202f2c5702c0a28d9771887bf515b675e3b2a94

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 23:22:21 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront), 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, AMS1-C1
age
28634
x-cache
Hit from cloudfront
content-length
3935
last-modified
Sat, 15 Oct 2022 21:24:42 GMT
server
nginx
etag
"d86f77d1d22ec4e066eed70143da87dd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
lOuCDWegu3hymLh57rN8LdAkdMYcFiaTxeSuJ4DkyLWNabvjXSyJfQ==
expires
Mon, 17 Oct 2022 23:22:21 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2978 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 02:41:26 GMT
x-amz-cf-pop
FRA56-P6
age
16878
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
kGaYb3cHA7St8wv3CVSlHMuTELPpR7X1bziKDxjkfLOPtbrg7DxFLA==
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4E0F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=L9CG4P8O-3-HITT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 17 Oct 2022 07:19:36 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2978 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221017
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbb9e40b685c8fe25d229b1f9b95bff8805f9f0e94c9f68a847bd19f7eda291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15515
x-jsd-version
1.0.1495
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"65e-aNIgZNEXwGpNMtfi9S2V59U1Aq0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufaUrCDueLToOOxRHbvdwhZl22f61FP2mnEJ0RaXKR2tyBx70wZpNdR%2FwKcLBtOXPtH6pN85s0Y%2B%2BPIDxZ1RJRnyaLz3mhYZIOaCTRIQpP9ES0TdXfxT1C3P0v99SbA%2FZS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75b744543d32b4fa-OSL
tag
mb9eo-7w62j.ads.tremorhub.com/ad/ Frame 2978 		55 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mb9eo-7w62j.ads.tremorhub.com/ad/tag?adCode=mb9eo-1uemv&playerWidth=777&playerHeight=437&srcPageUrl=https://wegotthiscovered.com/&supplyCode=mb9eo-7w62j&floor=USD:2&categories=IAB1-5&schain=1.0,1!primis.tech,29569,1,,,&transactionId=77b8c582-71be-47e1-b7f1-dfafbb8e6d10&gdpr=1&referrer=https%3A%2F%2Fwegotthiscovered.com%2F&hb=1&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.2.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-2-133.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
59ceddc895e647ebb72da6bc39d772438f78c09352a36220436d6276ab608bb7

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
translator
hbopenbid.pubmatic.com/ Frame 2978 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 2978 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 2978 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:35 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
container.html
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 71AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Tue, 17 Oct 2023 07:19:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F4F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:35 GMT
expires
Tue, 17 Oct 2023 07:19:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 4E0F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/13FcErHhrPfOfs2XxbdDUA?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1727161173976041085
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1727161173976041085
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 17 Oct 2022 07:19:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1727161173976041085
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4E0F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=q4H_saB7SB2ulAbywdMz2g&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=q4H_saB7SB2ulAbywdMz2g&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=q4H_saB7SB2ulAbywdMz2g&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MHXX7ZYP4PF225AEYFH7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=q4H_saB7SB2ulAbywdMz2g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 4E0F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 4E0F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w2T0c8tPRACKocYqJCSM0g&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w2T0c8tPRACKocYqJCSM0g&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w2T0c8tPRACKocYqJCSM0g&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SRG01N70BDX5KEQPX6H2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w2T0c8tPRACKocYqJCSM0g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4E0F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmNjZkNjYzZWFiYzUzZDY4NzllZmQxYzAzNzNiNmZkNTQwNjkwNw&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmNjZkNjYzZWFiYzUzZDY4NzllZmQxYzAzNzNiNmZkNTQwNjkwNw&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjZmNjZkNjYzZWFiYzUzZDY4NzllZmQxYzAzNzNiNmZkNTQwNjkwNw&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 4E0F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CG4P8O-3-HITT&gdpr=0&us_privacy=1---
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CG4P8O-3-HITT&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B6D61D93B57B43C7BB1422F3BA61521D Ref B: HEL01EDGE0915 Ref C: 2022-10-17T07:19:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrNcxLTp3LGz3tCDZqYQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9CG4P8O-3-HITT&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4E0F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRzRQOE8tMy1ISVRU&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRzRQOE8tMy1ISVRU&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlDRzRQOE8tMy1ISVRU&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4E0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHUlKqJSK4oxraqtcq027Vw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHUlKqJSK4oxraqtcq027Vw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHUlKqJSK4oxraqtcq027Vw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame BA1D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=L9CG4P8O-3-HITT
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8CA0 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86954472&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
content-length
0
v2eeasyetzhQ7eFGQV87T1rjctRUJ7A76y_rwQ8oN3no7T07BAwNaQHtw1GcQuSASL0TwWMj9
superficialeyes.com/ 		3 B
73 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2eeasyetzhQ7eFGQV87T1rjctRUJ7A76y_rwQ8oN3no7T07BAwNaQHtw1GcQuSASL0TwWMj9
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 17 Oct 2022 07:19:36 GMT
via
1.1 google
x-buildnumber
661392823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?oz_pl=1&ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&_x=1
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&c5=&si=29569&pc=108034&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvmath.com/2/2.72.0/ Frame 2978 		162 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/main.js
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&c5=&si=29569&pc=108034&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ae969c6eea068030b5470aa722e36fddd5ef6c03e776737e18d850477c914c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
51608
Expires
Thu, 25 Jun 2054 06:55:40 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:24:53 GMT
x-content-type-options
nosniff
age
388483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:24:53 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.176.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-176-167.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
pixel
googleads.g.doubleclick.net/xbbe/ Frame AEC4 		645 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCKoAEQ2c2gARia2-u0ATAB&v=APEucNWQVHDSxzz10Dy-HTbboDeWpDJkanhFc1C-axMbD90fCGIeg7lyqWjPRrj2Zu0OD-xzPM0Znz5Q7tQwFezEUECADEGPAYS2yr2i1mK095J9qaThH2s
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:36 GMT
expires
Mon, 17 Oct 2022 07:19:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 71AB 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds1cNxhg2lBWJLNWiPqSy_BI7iIUKwrWxLpgMChH7_Xn3EYPwm2OhLJVJFyhehSZxbLvlAGEFA2CL8buo2R9UFTkS9Hdm-sFvoMJllwXf3_NvDosBc_hicJggqOlD6rmTDkcVXGCzY_JHHDrxNkVwCAL0fiipHmWW_oE62OJF0FfTAxqM&cry=1&dbm_d=AKAmf-DrIQbHomDHnnFwQ7bg-lmBwx64GNLnSbZE48hmDdUtzSrwUX9KR4I-FQzW6I6HKLD9HG5mDfv8eoU-wVBVgpnk0j_EUGOJoE2O3vF-166x5WCjgEhvWJg_aDoV8K6xBrAZP6HWxh3tZM-_xG5KuTxKFXW9zKaT4AMMcbbtxxrm8js49FnJ96dWH98BKEjRYl7z1Pl3WfGrt5hF2sXDZvr6q0LNGzX9Zc1ka_yYcKpyEoVPJ4jcAVohLMW3R7HdVWaENwqRRIwwHmxLxgNwvI6qrrnhey8RIAncc416hA446trDeICEt2QqhwD9ajN4YuQ3kG57DYZzGh28JUxlnDLOZvAp5gY_Tqh2J2nrStaaPW-xsxoOX46pBBtHvNZ-1o_VlkdoDRBYQ5tuP9sIb2yKCpwX5RcSurLe6iomqDJfNYnEjKu44TZOZqIE81XOhKInkKBx8tcBDgvPE-lI3bwj2G8c1OJkBnTQagGqBRdGCrmLD__eugmSAuk4iS9PuSqbn2mVvZKKrJGHrOSyoZRGohbD5W2wDXvRPqeFV6gx6ch6KQvTQiYJpsr7GA-XMjrXPEO3cWVb2vuMe9bua6sGoBpF_8s8noVZMF7UZJGCynldcr_QeSlzpaBe9YyI-coBlVrmpnGh1N9bmFGa5mNvID68gGASALWNd0zg-VwxZnRHfLB6P-aADjDuMGl2dJTgFwEY5VdhNcqnKyn2vKNWl1HIidFmlHe7GEPLTTEq4xSH4O8i2bxuWufqj__mO4v7xxHbn_swCBukA8qdMLlDLZfjqLLvATtfvcgdNBorNcZQ5o_F2B-fE8NDBIUK9A2HHNA8BIdswDRvOeipsNQdXIYCFCB_tYLq9SOvJCI7zgEp_xmVtj_OBS8Y4rkpWIMdUhys8RTSsr7BrclNjhnLeV8kKCVloxkdgUyYeuU6NOCqcIltNQbEDZ9ezMePPFNjx7ZJSGw51NgsADuH0kbg92TRXIopXJCuyrQM__mgfCovdLm9UX320nr5AOb6BcGi6ux1P_Jm48Cc-5Xykt8nypAT4kNwogqSYdPjDHs5KmCw05UIrRh2rLRCqoY82pxpHl4VsHP_GDsFuQvQET7X5NPRzmzNpkNwGftJKUeQ1jR1qElt5RW3azop-hOOJKcrv0myjiD-0CFycaRIOg_yXzzoL0eR6MBe2Ib3GuNiN7KvInWWRIXJF_TsbjGjgg2uGBpzjcPJpyBL90uKWxT6IdyA71te88MZcDgjO3nH_hLTQGIQ_D3tDk0LdELZ8_JaBBn3vljtltByO6pggFEbpXkIf_xcsQlN6iSTvXTUT-_KIcEdg9TKoimHTEPdqmbc3vKvLLKnxUSySBFweffE7Jnc3jQUlyzgajAIA-KO8c2n5k4e1byf46sByT_bd2jqHcvBNFiIDmr2tvm6YdlhNrNveOxyMEiUtiQ4PHS_3_Afg_U7dNk3hpZm9gQZpdQOjGeT6YYS2wAprPCa8d12AxztvzV-ndCmko6xdAbVDRajZKsYUTNVstSpUQYsfQzdMpT-fPAy_qghCBQ_UQdSbW7k8t5abrSHdRu1vEYz0N-XV7cDvCLJtb5nUaoKyVTe5pDR9PYJrj7RU_dfbFJyzK8Q8SRoDaewunMyq3Aywk_kiwp3O0HWODJkmql6tHp-MICMf8UnacU3pghTVfZSy34FZqzNaABJZOmso0NGb7JzN_GsBx-odBIRzpCioVgbLAI2NP_XYWEPyiWtoBO46VqZ7-Hnwr_OGAEqu9bmYWFTUT_JkG5-ddkuLB2WsycgytT5wwbEDo-vwerJLuSmK-3y0UmrEvMi3D7vwmfxlyaCwdWQn6MK12o_KIQekK9N1cDI9cH_JIiHkqDUQyfcC5VahthHgXytCgB77yaLgpE8UYnvwKZEGBVd73TaiOO8-DDrYqQRpga0V1u-KJuWQ078auz6Yybzf6AZctQH55NvRcmHNc0HNxaaRmwhAJxXd9vltsMo8FPv3_ggy61A4hoVR_A5Y1nDgafUiQjnjrfPoL-zHAeAnUCBmRBzyLgtHPNO7EM114UAcQibES174KXoPwONxzSqENUAUWWWBcicHTQ9-AZOYYf9ifp0gjGvjZcj4u82WQ_HnegNkLpPHchwDo3vFrryyrnAaLekrrsZJjxn02A3oRWNP3CFG-fj-iR0gjmEEaXbP7byO-8ZkE1mosSiEPNDhgHt1692HZe6Fh_4UJMVIWJ_6C0-2-RMIs2wrOJvfpcIz7Ht746WDrWCI549MK5ZagEwe4bVlmPGiiMaTnNF-i5RA5qRYpbZSx5ATGss4TtvT2BLVeI9I8jFBCrnVsdu6IR__Oui0wDJuocTn54LsOaWN_PgLMTJfOCGW7nJ8Jw2yj0PNdz_r_boU1CoHgvB9XVBfyF76Dp1tJidXCnnVoV6bBiJKCgZWk8tUG_aFrbkKCBE-Ojjt98jNGFMBJrMt1VikeY6b63pGPQnWzNMmGw2Cxtf_s9nPtCKSDa60ffpIrMH_mNuZBcnnoo8RV67m4r5fn3ECKo7WiXNIgJzQv972EvsUKu-vKvNMvoSe5NA0fiRzGQu9B7k1phftJ3xALfYUXYKr2LMk-T8_CZaqzcab3AsLEcjIhoLC3d2oal5SoxcCIuAgqmzrTfGjeGGOyHupviBBNM6maaozRCBvLFpqFrVYQcv3jweLYtPPLGqOqA9VPD1_0Ev_eG-BM-LepPpNbp5WC2nfhRiHm6JN0RYLwo-NXg5Oue2icp_mF4ShD4zr-nbNY70Cm25jLWKEZCrQcmEHeTP6dw-U3h_MpcoDNNGCgpcaOiH2kCoWa_-ypXt12rFJSBUmDknUKqL_e-Pg4Ffe9yyuEWh1fq-Sx-lTj9NhOOjoBDalXjp_x3ME2xVpGjWEPuqRz226awHgI87LAF6UrABwSrKCccD1R-K6OGgDBzsSdczq0d4m3p8xiR3b2YQCrBL5ul9_6-eFb00GJQl5DfHd4uSZ2Sqz1R0i_GhLm6Fw1cD7F2f6I-9N9HEdEm_gUEZJrbQNBqz9XUr2Kcj6QRnWJALHoN1zrer5OLzmi9AiAiz0FEjA11bK0DHDrCDzoZ9YZLtmftg1fwvOvEHw7TD_w-uann47WrSyx5obX9vfnHtQuGbctyVUCj5KDYepbbxRTPbX-0Q74T6JrygpcoZu3qqMYfCTIek3-W1X7Hh5D3e12GlYotkuRnmgDXDzUN1Z5OZ60H6sbSFG9xpvgzQXQHGqLk7v637sLBRbbr34gEpbJoWpDguxT93ZAKKdTAusvn7mcWtwS8I7AaRV4iyEGJ0PcHzK7tftHxUmU8g6kSbJNMrJpntb9Mo0nW2mxOfp7_x26cTB4AZk8ApAOjItzKp4KDG46LZLm_o6eqXLT1qTscglVkRHmG7SXyJ9DcTpYdHyLGPDvKTYI-lA8XoQ1zDYoV2h3c2o3MaNCB5sVF7BZqI9kaNInbajecgHA4_wBDlVk7nC17yXsAnMIMbLdI5vyv-uK0SoOHLgQ6XPAHW-4YaI4xoGTDqmBdWnZt_l4dudXb3G2_OPlt9DrPnsduzjAKuoSRf4fOGlrj_6qjs0jQ8G66ly7vklqG5thpxdr19XpDPy-ZlByXd2bdkVRC0TfbcrSI6Jhu8PS4mrly2l8jJW-NBYq7mPg-rUzBhqFjNywPCOa75DTcZ3smkZ_uz2Ou4P7CRyCtah8LMKGYGBQ3ktErM-mLb8NrE4Z230KrsBaiknLO5l7A-kIr1apvIHkBLqhrL5xMBN8yTr2_F7Ivsh-Nrx2ldlXPy7fwJsA&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
911716587002e7918a9bbc3307d19b3d5aea3e3ba505556ae53efb865ac5eb02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71AB 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAtSIQX2F9WtJ2Pdwv2LUobRWcMnSUBkojoTfosodCKylW_Vt1RUjxb-hRSEkc3_J1xIXYZbFEryOkzU5UVVIKTqdO_LhaSxiPC3ENpaclRO7514M
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 71AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 05:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 05:27:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 71AB 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:55:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 71AB 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:19:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E80F 		668 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ6NnSARiCpqPSATAB&v=APEucNW-ZcDWB4f-qLg0W4_9FzmREzPquuGvUz5bUnWw6wbJla42mTmpI6PtC02w3AM1bXYKLoRHRvMmyFc_10wbwyyqVz58mcjn_P80Jt8x6xrQaS7CKj8
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:36 GMT
expires
Mon, 17 Oct 2022 07:19:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8F4F 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJKXovHDBVCg8zh1pzuwCxHyga7oMClsua-VY2DGCZUwGW4zx4pSX9sRxIFJI8Cx44bUnlXmc7qJyc2eOpR4CHU2NV0h_cB8PldncuDmAd5ynEn0hAjklk5VLnHbJdyC3ntqxYXlIcxkHmKQ1AQ0eztMfdwyclfe1qXGYF7G3MLG4K3Dc&cry=1&dbm_d=AKAmf-DGn9s9EaT0TMuwRrCxJPw1RwTPfbS4jvG-8iNxKE8NXRbXpGHhsfsgjXwc-baSCaEj488nOgvr-97RVorO9NknoDHAJ8DNLBMGcosMDWostedENOhqTpk6B1ZgsS5XhrWaX8WYY_o3bdIuRgOBWWIPnRVm7GE8wgU5J_H6Xu-7kZ9ktmkcpvZe_Xv0ETUhuDA3yHKKwoR67a0gOsZXyKhxkm5Ay3Zn4oi8Me_hW4yRXYiddJvf4rlBOPCOm8O3LndLUUfn_2OufX7iEVZdMhBQ2J7XWm7mwHHUfu81K_w_Hqx1rMeXdJwBXeLa0NQU_fFviWZH_NOeK6QuvizwH7bprb-H5AhGd6Oz9Zu1vde8AXwJQ-9jr82YoAullGo4KbzWLKuQq6yh3AgFOEVwhjhXfaQ4EkKg9K547SHGK2fLHwmOMhMwXuRLmOnL2Wk26GgoUWG7-wWLT_vvaBBOdOh9MOe8ZtCLLi8NxzDYeJW-zMygdOtIvjK6dHqFOeyKTmnjWrwcRbQSlKc5spV7RYwUbPtNLC_kIabU51LL-jJ87i7q-ge0-kjjih7iE2Aa9bmTHGdod00SUx7496GC02T3Axr6R4pTJ9_VUON9zExlwwuV_091SQtLKeCmSE7SyQzm_tNHwxOEJZn7AZFslAL8zsSc9nkmSiujzggi1ZmlLc8OYiqhuVms09IWwle1U1Kq7V3oaSnDveGY3MdCa8t2dPQxzVcQzr-weDmokrgCFFLt-n98Z3sCPb_IPCCJqi4p_uz7MfMb3-DzBCVXFZXMyOtkKAvaG34Qe7sHmttSRqOywYxprqE4AhSQboUAC-PsDYqfnLz73usMhBDpEorJItbGPBIx7pum3iuO7Z1V2HtYyjfpvOpeML3fII5hwtfhDLO7u7bmw2lccPcpoXq4MLzTLdokdTiDRta2Qs680DXI9OgYTSu08ZLzER55-jOGqFIQqHtTamK9ugV9hz66JH8kOQrtlHOYxkh94Nk1vdiqf8GuYijgj8MLuR93vivZRhkV12da9TTh5sua7y4ZWFOKRnLSe7tPbc0wu2pWaiKaTyq6qE2lV2oSdt3SOWTR_UHby-Q6sbm4BakXuG9Su1gA7lexjB6NI8LO5bA6ZptMNNfJUmfXhOqISaMF8nreLqSZcjIu1reigtvLXvmYi7BNKPjGugP57BhBYagRCAh_9u5zoX29RimQ7X9CQw0znljYg1MvNVABQrlkjIfvY2ciAlUzB65tNQbXgFcJ-JfCnAoEwDgihFwwuI73Mpcf_FwMXs-CmqE0BFHcYqUs45VgDcOaD164PxnYsOY2Tx2xcIF8TMKLWZP8OgtUv79jnXuOy7UFD1-RfkFF10Jwje437okntr4lnq8eENRtbKDJhULwneVk0mybsm-NWfuImKFBc3Oi3EsmgnTzhza-GqxcQM2GNNYLorX1zaAGsJ3iztBTfYew9K6R4oRJl76x5UmG6zzWB2FcpbUpGj8XCR9BLDTC0PQ5lEnR_1D788PYFiTWobx4h0Jd-q3DM28pXZMoHuUwH28EmL-Sd5t1PQbxzUen-ypsfq0wftIPo-h0VMvxaNaYhynhFLc4ZJxawKdnO8ZBUstG328beBA8qEvkpX3JOiKiTuIGoSsiTihVJaaVgg0sPn01LVDYid_M6KfW1xClhG0jnLVAN84l19c1oCMD6YrWojYApyW64I-vSqk6PcLHouDN3UtuYEHVPpZhVefiKKFj3iu898jfPvVkfk310255118N9Jo4jUi3wSU6NpyVvPZG9o4fYZGwm4L5eCs2P0UuL4506MqbIgz3pP7aaIY3F5THSWaEwdQtw5c07MT1TEJvw0vHZJRQcbE1lq5Zqt8dA6Kx9QQnxl6HEbPgHVW14keDkn_fG7rksHzHC1hP9_9QkqAj3F34XmVJYkLd3NhPUM8oOcHVhT7rErXabIsKqTqmUEQKuQNq9ZaYsoCyYhOFasL7qWzcPocn0j7VsjeUIbGl5iCWpVh5NtbErGbZREB7-W9BB0SECPRrx587cbvLcT2yTnudAFqHqJWjI5Zn3pFQGFPXHurWc41qlsrO3Tkfs4RjeT89QNENLtCw3Rn0yq_-Vi4u6RJrc7zX_KZ51GkTZloqcDhXBlGGR8GybTQaZAqFxkp2sGdUdWh47-9lG_yCza3Ts8SMhndv_0RYHpQvx7aP1KabO9EemfxUkWee0ROaMqEZDfMOYjsfRWIgwj2yD6c9vaXhTRURxgzL-XCgShbNcODxKbDsF7pV9AYCbihADX0hmeA134b8Sm7aaAw0CIXWBMOmgsvrwxMQq1EdJmlBXo2Dt4JmzYytG2UDAf95kMBg3SxXJf7Og9J_uIER7H0uuY0GR5ADNzz72DIaOjIxhQLGk5Il2e3xZQa5T8nf1XKS1FcxL7mHdG-LwozwPacz44ISPmxWVcXtQ99rFHXR70F4FPeOvoZrODZNDRlQ5zSza9WTWoxGwVpCj260coo4EXj9bq3QG5wH1l8dKRqjdXrGlIqgq2_zyWBOE2Q0DXz-6hAOxruaciagaMXyMaO2rcNmJUEdXIomHgkgNICMkbs-g8W172lM2WBNlYaQnnDiAgK-b5Nt22i2Xf8eYj5mA8Q8VA4QmFNJjbiCkX68FwF9KGQt-QEQlWToxfKZVzCrRWfGyRS6BEBDFZYhxHLeFceD4HerW-z1kcdyWvWlKo9-Alezh07rRUiMYpDYnP8Jpmx_XJgB7-X2tPBzqs7hIc0LA82ia99T2EeiB2WTEhTSWpXqz9Xc0fVVSP2oJ53-_hjGubRoptlwSLAQu_kPm5ffC0jyNdXgOgnj8w7olSrdyLqEwxh7_aRI1OVkDhbFC7bGwmYywXeZVAt3xBJ9s_ofFIGK_3BgYLWfcqqUJHuntWC5NTnAGvwiu7NEBWUy4pi9DoeTfMisCxtC470bcwEKXnu8B1yIWon6ZfCN-A4gnaE9FgTukQ5TNIUWhkpClth16Mm_ivSZkE593zyc3SuH&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
25c13860d3414f69bb7b576932bb34f8546abaf5c02003d5ad9e0436225d9541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F4F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXxgY0A10JuPT1fUiy3gfzmk8P4oSv0BuKPhrsq-Dv242N4dSuV5MBj2MxBiefSvhaoSTMfLWNtGVUlpeQwyehwXkXIgXZjJDCRpIpidkXuZRiNiE
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1187894/65962642/xbbe/creative/ Frame 8F4F 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ&ias_dspID=3&ias_campId=1008940221&ias_pubId=pub-6897902191714833&ias_chanId=1&ias_placementId=18267969278&bidurl=https://wegotthiscovered.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hvaL4OoYTPP1dI34g2SKpH
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b935fe4ed1144f31185d68dc69b462ee2dd28ec1b57cd580bfb4765ff0dcfc53

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8F4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 05:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 05:27:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 8F4F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:55:11 GMT
l
www.google.com/ads/measurement/ Frame 8F4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIHYaVKKn2QnDiVCZ61P9aIec7t3uEWl-cr8mo33SLH5L3is73nBn1wmctkO-U_Pb95XU8WlqKy-vMVJ5KubVO0S0G4g
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F4F 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:19:36 GMT
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?oz_pl=1&ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&_x=1
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&c5=&si=29569&pc=108034&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991176457&oz_l=163&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
7f579643-bf8c-480f-bcfe-c5c4b4aa92a7
https://wegotthiscovered.com/ Frame 95D7 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wegotthiscovered.com/7f579643-bf8c-480f-bcfe-c5c4b4aa92a7
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991176631&oz_l=4711&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
rum
dsum-sec.casalemedia.com/ Frame AEC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCKoAEQ2c2gARia2-u0ATAB&v=APEucNWQVHDSxzz10Dy-HTbboDeWpDJkanhFc1C-axMbD90fCGIeg7lyqWjPRrj2Zu0OD-xzPM0Znz5Q7tQwFezEUECADEGPAYS2yr2i1mK095J9qaThH2s
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AEC4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y00CB57oA85I5ypaqBa9wwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCKoAEQ2c2gARia2-u0ATAB&v=APEucNWQVHDSxzz10Dy-HTbboDeWpDJkanhFc1C-axMbD90fCGIeg7lyqWjPRrj2Zu0OD-xzPM0Znz5Q7tQwFezEUECADEGPAYS2yr2i1mK095J9qaThH2s
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDSjWQjiaH10uoU8zpn6zk4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AEC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEJmhlk5XdRqCQuu1GkoKmB4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEJmhlk5XdRqCQuu1GkoKmB4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCKoAEQ2c2gARia2-u0ATAB&v=APEucNWQVHDSxzz10Dy-HTbboDeWpDJkanhFc1C-axMbD90fCGIeg7lyqWjPRrj2Zu0OD-xzPM0Znz5Q7tQwFezEUECADEGPAYS2yr2i1mK095J9qaThH2s
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
AN-X-Request-Uuid
ca6f86a7-c564-4e0d-8698-87a1e16725f3
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEJmhlk5XdRqCQuu1GkoKmB4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AEC4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwNzg2MTQ4Njk5NzYzMjk1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwNzg2MTQ4Njk5NzYzMjk1Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCKoAEQ2c2gARia2-u0ATAB&v=APEucNWQVHDSxzz10Dy-HTbboDeWpDJkanhFc1C-axMbD90fCGIeg7lyqWjPRrj2Zu0OD-xzPM0Znz5Q7tQwFezEUECADEGPAYS2yr2i1mK095J9qaThH2s
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
AN-X-Request-Uuid
e7525953-35bb-4b28-89dc-ada7dfbb679d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwNzg2MTQ4Njk5NzYzMjk1Mg%3D%3D
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E80F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ6NnSARiCpqPSATAB&v=APEucNW-ZcDWB4f-qLg0W4_9FzmREzPquuGvUz5bUnWw6wbJla42mTmpI6PtC02w3AM1bXYKLoRHRvMmyFc_10wbwyyqVz58mcjn_P80Jt8x6xrQaS7CKj8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1&gdpr=0
date
Mon, 17 Oct 2022 07:19:36 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame E80F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI1NGI4YzYtNDhiMS0yZmE0LWZjZjQtNmQ1MzFiNWRiYTM1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI1NGI4YzYtNDhiMS0yZmE0LWZjZjQtNmQ1MzFiNWRiYTM1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ6NnSARiCpqPSATAB&v=APEucNW-ZcDWB4f-qLg0W4_9FzmREzPquuGvUz5bUnWw6wbJla42mTmpI6PtC02w3AM1bXYKLoRHRvMmyFc_10wbwyyqVz58mcjn_P80Jt8x6xrQaS7CKj8
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI1NGI4YzYtNDhiMS0yZmE0LWZjZjQtNmQ1MzFiNWRiYTM1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame E80F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEBc4QDwd-USkc2iHGLWS-nE&google_cver=1&gdpr=0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBc4QDwd-USkc2iHGLWS-nE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ6NnSARiCpqPSATAB&v=APEucNW-ZcDWB4f-qLg0W4_9FzmREzPquuGvUz5bUnWw6wbJla42mTmpI6PtC02w3AM1bXYKLoRHRvMmyFc_10wbwyyqVz58mcjn_P80Jt8x6xrQaS7CKj8
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 17 Oct 2022 07:19:37 GMT
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBc4QDwd-USkc2iHGLWS-nE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E80F 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ6NnSARiCpqPSATAB&v=APEucNW-ZcDWB4f-qLg0W4_9FzmREzPquuGvUz5bUnWw6wbJla42mTmpI6PtC02w3AM1bXYKLoRHRvMmyFc_10wbwyyqVz58mcjn_P80Jt8x6xrQaS7CKj8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Mon, 17 Oct 2022 07:19:37 GMT
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 71AB 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds1cNxhg2lBWJLNWiPqSy_BI7iIUKwrWxLpgMChH7_Xn3EYPwm2OhLJVJFyhehSZxbLvlAGEFA2CL8buo2R9UFTkS9Hdm-sFvoMJllwXf3_NvDosBc_hicJggqOlD6rmTDkcVXGCzY_JHHDrxNkVwCAL0fiipHmWW_oE62OJF0FfTAxqM&cry=1&dbm_d=AKAmf-DrIQbHomDHnnFwQ7bg-lmBwx64GNLnSbZE48hmDdUtzSrwUX9KR4I-FQzW6I6HKLD9HG5mDfv8eoU-wVBVgpnk0j_EUGOJoE2O3vF-166x5WCjgEhvWJg_aDoV8K6xBrAZP6HWxh3tZM-_xG5KuTxKFXW9zKaT4AMMcbbtxxrm8js49FnJ96dWH98BKEjRYl7z1Pl3WfGrt5hF2sXDZvr6q0LNGzX9Zc1ka_yYcKpyEoVPJ4jcAVohLMW3R7HdVWaENwqRRIwwHmxLxgNwvI6qrrnhey8RIAncc416hA446trDeICEt2QqhwD9ajN4YuQ3kG57DYZzGh28JUxlnDLOZvAp5gY_Tqh2J2nrStaaPW-xsxoOX46pBBtHvNZ-1o_VlkdoDRBYQ5tuP9sIb2yKCpwX5RcSurLe6iomqDJfNYnEjKu44TZOZqIE81XOhKInkKBx8tcBDgvPE-lI3bwj2G8c1OJkBnTQagGqBRdGCrmLD__eugmSAuk4iS9PuSqbn2mVvZKKrJGHrOSyoZRGohbD5W2wDXvRPqeFV6gx6ch6KQvTQiYJpsr7GA-XMjrXPEO3cWVb2vuMe9bua6sGoBpF_8s8noVZMF7UZJGCynldcr_QeSlzpaBe9YyI-coBlVrmpnGh1N9bmFGa5mNvID68gGASALWNd0zg-VwxZnRHfLB6P-aADjDuMGl2dJTgFwEY5VdhNcqnKyn2vKNWl1HIidFmlHe7GEPLTTEq4xSH4O8i2bxuWufqj__mO4v7xxHbn_swCBukA8qdMLlDLZfjqLLvATtfvcgdNBorNcZQ5o_F2B-fE8NDBIUK9A2HHNA8BIdswDRvOeipsNQdXIYCFCB_tYLq9SOvJCI7zgEp_xmVtj_OBS8Y4rkpWIMdUhys8RTSsr7BrclNjhnLeV8kKCVloxkdgUyYeuU6NOCqcIltNQbEDZ9ezMePPFNjx7ZJSGw51NgsADuH0kbg92TRXIopXJCuyrQM__mgfCovdLm9UX320nr5AOb6BcGi6ux1P_Jm48Cc-5Xykt8nypAT4kNwogqSYdPjDHs5KmCw05UIrRh2rLRCqoY82pxpHl4VsHP_GDsFuQvQET7X5NPRzmzNpkNwGftJKUeQ1jR1qElt5RW3azop-hOOJKcrv0myjiD-0CFycaRIOg_yXzzoL0eR6MBe2Ib3GuNiN7KvInWWRIXJF_TsbjGjgg2uGBpzjcPJpyBL90uKWxT6IdyA71te88MZcDgjO3nH_hLTQGIQ_D3tDk0LdELZ8_JaBBn3vljtltByO6pggFEbpXkIf_xcsQlN6iSTvXTUT-_KIcEdg9TKoimHTEPdqmbc3vKvLLKnxUSySBFweffE7Jnc3jQUlyzgajAIA-KO8c2n5k4e1byf46sByT_bd2jqHcvBNFiIDmr2tvm6YdlhNrNveOxyMEiUtiQ4PHS_3_Afg_U7dNk3hpZm9gQZpdQOjGeT6YYS2wAprPCa8d12AxztvzV-ndCmko6xdAbVDRajZKsYUTNVstSpUQYsfQzdMpT-fPAy_qghCBQ_UQdSbW7k8t5abrSHdRu1vEYz0N-XV7cDvCLJtb5nUaoKyVTe5pDR9PYJrj7RU_dfbFJyzK8Q8SRoDaewunMyq3Aywk_kiwp3O0HWODJkmql6tHp-MICMf8UnacU3pghTVfZSy34FZqzNaABJZOmso0NGb7JzN_GsBx-odBIRzpCioVgbLAI2NP_XYWEPyiWtoBO46VqZ7-Hnwr_OGAEqu9bmYWFTUT_JkG5-ddkuLB2WsycgytT5wwbEDo-vwerJLuSmK-3y0UmrEvMi3D7vwmfxlyaCwdWQn6MK12o_KIQekK9N1cDI9cH_JIiHkqDUQyfcC5VahthHgXytCgB77yaLgpE8UYnvwKZEGBVd73TaiOO8-DDrYqQRpga0V1u-KJuWQ078auz6Yybzf6AZctQH55NvRcmHNc0HNxaaRmwhAJxXd9vltsMo8FPv3_ggy61A4hoVR_A5Y1nDgafUiQjnjrfPoL-zHAeAnUCBmRBzyLgtHPNO7EM114UAcQibES174KXoPwONxzSqENUAUWWWBcicHTQ9-AZOYYf9ifp0gjGvjZcj4u82WQ_HnegNkLpPHchwDo3vFrryyrnAaLekrrsZJjxn02A3oRWNP3CFG-fj-iR0gjmEEaXbP7byO-8ZkE1mosSiEPNDhgHt1692HZe6Fh_4UJMVIWJ_6C0-2-RMIs2wrOJvfpcIz7Ht746WDrWCI549MK5ZagEwe4bVlmPGiiMaTnNF-i5RA5qRYpbZSx5ATGss4TtvT2BLVeI9I8jFBCrnVsdu6IR__Oui0wDJuocTn54LsOaWN_PgLMTJfOCGW7nJ8Jw2yj0PNdz_r_boU1CoHgvB9XVBfyF76Dp1tJidXCnnVoV6bBiJKCgZWk8tUG_aFrbkKCBE-Ojjt98jNGFMBJrMt1VikeY6b63pGPQnWzNMmGw2Cxtf_s9nPtCKSDa60ffpIrMH_mNuZBcnnoo8RV67m4r5fn3ECKo7WiXNIgJzQv972EvsUKu-vKvNMvoSe5NA0fiRzGQu9B7k1phftJ3xALfYUXYKr2LMk-T8_CZaqzcab3AsLEcjIhoLC3d2oal5SoxcCIuAgqmzrTfGjeGGOyHupviBBNM6maaozRCBvLFpqFrVYQcv3jweLYtPPLGqOqA9VPD1_0Ev_eG-BM-LepPpNbp5WC2nfhRiHm6JN0RYLwo-NXg5Oue2icp_mF4ShD4zr-nbNY70Cm25jLWKEZCrQcmEHeTP6dw-U3h_MpcoDNNGCgpcaOiH2kCoWa_-ypXt12rFJSBUmDknUKqL_e-Pg4Ffe9yyuEWh1fq-Sx-lTj9NhOOjoBDalXjp_x3ME2xVpGjWEPuqRz226awHgI87LAF6UrABwSrKCccD1R-K6OGgDBzsSdczq0d4m3p8xiR3b2YQCrBL5ul9_6-eFb00GJQl5DfHd4uSZ2Sqz1R0i_GhLm6Fw1cD7F2f6I-9N9HEdEm_gUEZJrbQNBqz9XUr2Kcj6QRnWJALHoN1zrer5OLzmi9AiAiz0FEjA11bK0DHDrCDzoZ9YZLtmftg1fwvOvEHw7TD_w-uann47WrSyx5obX9vfnHtQuGbctyVUCj5KDYepbbxRTPbX-0Q74T6JrygpcoZu3qqMYfCTIek3-W1X7Hh5D3e12GlYotkuRnmgDXDzUN1Z5OZ60H6sbSFG9xpvgzQXQHGqLk7v637sLBRbbr34gEpbJoWpDguxT93ZAKKdTAusvn7mcWtwS8I7AaRV4iyEGJ0PcHzK7tftHxUmU8g6kSbJNMrJpntb9Mo0nW2mxOfp7_x26cTB4AZk8ApAOjItzKp4KDG46LZLm_o6eqXLT1qTscglVkRHmG7SXyJ9DcTpYdHyLGPDvKTYI-lA8XoQ1zDYoV2h3c2o3MaNCB5sVF7BZqI9kaNInbajecgHA4_wBDlVk7nC17yXsAnMIMbLdI5vyv-uK0SoOHLgQ6XPAHW-4YaI4xoGTDqmBdWnZt_l4dudXb3G2_OPlt9DrPnsduzjAKuoSRf4fOGlrj_6qjs0jQ8G66ly7vklqG5thpxdr19XpDPy-ZlByXd2bdkVRC0TfbcrSI6Jhu8PS4mrly2l8jJW-NBYq7mPg-rUzBhqFjNywPCOa75DTcZ3smkZ_uz2Ou4P7CRyCtah8LMKGYGBQ3ktErM-mLb8NrE4Z230KrsBaiknLO5l7A-kIr1apvIHkBLqhrL5xMBN8yTr2_F7Ivsh-Nrx2ldlXPy7fwJsA&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11730
x-xss-protection
0
server
cafe
etag
9319256901541695429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:53:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 71AB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds1cNxhg2lBWJLNWiPqSy_BI7iIUKwrWxLpgMChH7_Xn3EYPwm2OhLJVJFyhehSZxbLvlAGEFA2CL8buo2R9UFTkS9Hdm-sFvoMJllwXf3_NvDosBc_hicJggqOlD6rmTDkcVXGCzY_JHHDrxNkVwCAL0fiipHmWW_oE62OJF0FfTAxqM&cry=1&dbm_d=AKAmf-DrIQbHomDHnnFwQ7bg-lmBwx64GNLnSbZE48hmDdUtzSrwUX9KR4I-FQzW6I6HKLD9HG5mDfv8eoU-wVBVgpnk0j_EUGOJoE2O3vF-166x5WCjgEhvWJg_aDoV8K6xBrAZP6HWxh3tZM-_xG5KuTxKFXW9zKaT4AMMcbbtxxrm8js49FnJ96dWH98BKEjRYl7z1Pl3WfGrt5hF2sXDZvr6q0LNGzX9Zc1ka_yYcKpyEoVPJ4jcAVohLMW3R7HdVWaENwqRRIwwHmxLxgNwvI6qrrnhey8RIAncc416hA446trDeICEt2QqhwD9ajN4YuQ3kG57DYZzGh28JUxlnDLOZvAp5gY_Tqh2J2nrStaaPW-xsxoOX46pBBtHvNZ-1o_VlkdoDRBYQ5tuP9sIb2yKCpwX5RcSurLe6iomqDJfNYnEjKu44TZOZqIE81XOhKInkKBx8tcBDgvPE-lI3bwj2G8c1OJkBnTQagGqBRdGCrmLD__eugmSAuk4iS9PuSqbn2mVvZKKrJGHrOSyoZRGohbD5W2wDXvRPqeFV6gx6ch6KQvTQiYJpsr7GA-XMjrXPEO3cWVb2vuMe9bua6sGoBpF_8s8noVZMF7UZJGCynldcr_QeSlzpaBe9YyI-coBlVrmpnGh1N9bmFGa5mNvID68gGASALWNd0zg-VwxZnRHfLB6P-aADjDuMGl2dJTgFwEY5VdhNcqnKyn2vKNWl1HIidFmlHe7GEPLTTEq4xSH4O8i2bxuWufqj__mO4v7xxHbn_swCBukA8qdMLlDLZfjqLLvATtfvcgdNBorNcZQ5o_F2B-fE8NDBIUK9A2HHNA8BIdswDRvOeipsNQdXIYCFCB_tYLq9SOvJCI7zgEp_xmVtj_OBS8Y4rkpWIMdUhys8RTSsr7BrclNjhnLeV8kKCVloxkdgUyYeuU6NOCqcIltNQbEDZ9ezMePPFNjx7ZJSGw51NgsADuH0kbg92TRXIopXJCuyrQM__mgfCovdLm9UX320nr5AOb6BcGi6ux1P_Jm48Cc-5Xykt8nypAT4kNwogqSYdPjDHs5KmCw05UIrRh2rLRCqoY82pxpHl4VsHP_GDsFuQvQET7X5NPRzmzNpkNwGftJKUeQ1jR1qElt5RW3azop-hOOJKcrv0myjiD-0CFycaRIOg_yXzzoL0eR6MBe2Ib3GuNiN7KvInWWRIXJF_TsbjGjgg2uGBpzjcPJpyBL90uKWxT6IdyA71te88MZcDgjO3nH_hLTQGIQ_D3tDk0LdELZ8_JaBBn3vljtltByO6pggFEbpXkIf_xcsQlN6iSTvXTUT-_KIcEdg9TKoimHTEPdqmbc3vKvLLKnxUSySBFweffE7Jnc3jQUlyzgajAIA-KO8c2n5k4e1byf46sByT_bd2jqHcvBNFiIDmr2tvm6YdlhNrNveOxyMEiUtiQ4PHS_3_Afg_U7dNk3hpZm9gQZpdQOjGeT6YYS2wAprPCa8d12AxztvzV-ndCmko6xdAbVDRajZKsYUTNVstSpUQYsfQzdMpT-fPAy_qghCBQ_UQdSbW7k8t5abrSHdRu1vEYz0N-XV7cDvCLJtb5nUaoKyVTe5pDR9PYJrj7RU_dfbFJyzK8Q8SRoDaewunMyq3Aywk_kiwp3O0HWODJkmql6tHp-MICMf8UnacU3pghTVfZSy34FZqzNaABJZOmso0NGb7JzN_GsBx-odBIRzpCioVgbLAI2NP_XYWEPyiWtoBO46VqZ7-Hnwr_OGAEqu9bmYWFTUT_JkG5-ddkuLB2WsycgytT5wwbEDo-vwerJLuSmK-3y0UmrEvMi3D7vwmfxlyaCwdWQn6MK12o_KIQekK9N1cDI9cH_JIiHkqDUQyfcC5VahthHgXytCgB77yaLgpE8UYnvwKZEGBVd73TaiOO8-DDrYqQRpga0V1u-KJuWQ078auz6Yybzf6AZctQH55NvRcmHNc0HNxaaRmwhAJxXd9vltsMo8FPv3_ggy61A4hoVR_A5Y1nDgafUiQjnjrfPoL-zHAeAnUCBmRBzyLgtHPNO7EM114UAcQibES174KXoPwONxzSqENUAUWWWBcicHTQ9-AZOYYf9ifp0gjGvjZcj4u82WQ_HnegNkLpPHchwDo3vFrryyrnAaLekrrsZJjxn02A3oRWNP3CFG-fj-iR0gjmEEaXbP7byO-8ZkE1mosSiEPNDhgHt1692HZe6Fh_4UJMVIWJ_6C0-2-RMIs2wrOJvfpcIz7Ht746WDrWCI549MK5ZagEwe4bVlmPGiiMaTnNF-i5RA5qRYpbZSx5ATGss4TtvT2BLVeI9I8jFBCrnVsdu6IR__Oui0wDJuocTn54LsOaWN_PgLMTJfOCGW7nJ8Jw2yj0PNdz_r_boU1CoHgvB9XVBfyF76Dp1tJidXCnnVoV6bBiJKCgZWk8tUG_aFrbkKCBE-Ojjt98jNGFMBJrMt1VikeY6b63pGPQnWzNMmGw2Cxtf_s9nPtCKSDa60ffpIrMH_mNuZBcnnoo8RV67m4r5fn3ECKo7WiXNIgJzQv972EvsUKu-vKvNMvoSe5NA0fiRzGQu9B7k1phftJ3xALfYUXYKr2LMk-T8_CZaqzcab3AsLEcjIhoLC3d2oal5SoxcCIuAgqmzrTfGjeGGOyHupviBBNM6maaozRCBvLFpqFrVYQcv3jweLYtPPLGqOqA9VPD1_0Ev_eG-BM-LepPpNbp5WC2nfhRiHm6JN0RYLwo-NXg5Oue2icp_mF4ShD4zr-nbNY70Cm25jLWKEZCrQcmEHeTP6dw-U3h_MpcoDNNGCgpcaOiH2kCoWa_-ypXt12rFJSBUmDknUKqL_e-Pg4Ffe9yyuEWh1fq-Sx-lTj9NhOOjoBDalXjp_x3ME2xVpGjWEPuqRz226awHgI87LAF6UrABwSrKCccD1R-K6OGgDBzsSdczq0d4m3p8xiR3b2YQCrBL5ul9_6-eFb00GJQl5DfHd4uSZ2Sqz1R0i_GhLm6Fw1cD7F2f6I-9N9HEdEm_gUEZJrbQNBqz9XUr2Kcj6QRnWJALHoN1zrer5OLzmi9AiAiz0FEjA11bK0DHDrCDzoZ9YZLtmftg1fwvOvEHw7TD_w-uann47WrSyx5obX9vfnHtQuGbctyVUCj5KDYepbbxRTPbX-0Q74T6JrygpcoZu3qqMYfCTIek3-W1X7Hh5D3e12GlYotkuRnmgDXDzUN1Z5OZ60H6sbSFG9xpvgzQXQHGqLk7v637sLBRbbr34gEpbJoWpDguxT93ZAKKdTAusvn7mcWtwS8I7AaRV4iyEGJ0PcHzK7tftHxUmU8g6kSbJNMrJpntb9Mo0nW2mxOfp7_x26cTB4AZk8ApAOjItzKp4KDG46LZLm_o6eqXLT1qTscglVkRHmG7SXyJ9DcTpYdHyLGPDvKTYI-lA8XoQ1zDYoV2h3c2o3MaNCB5sVF7BZqI9kaNInbajecgHA4_wBDlVk7nC17yXsAnMIMbLdI5vyv-uK0SoOHLgQ6XPAHW-4YaI4xoGTDqmBdWnZt_l4dudXb3G2_OPlt9DrPnsduzjAKuoSRf4fOGlrj_6qjs0jQ8G66ly7vklqG5thpxdr19XpDPy-ZlByXd2bdkVRC0TfbcrSI6Jhu8PS4mrly2l8jJW-NBYq7mPg-rUzBhqFjNywPCOa75DTcZ3smkZ_uz2Ou4P7CRyCtah8LMKGYGBQ3ktErM-mLb8NrE4Z230KrsBaiknLO5l7A-kIr1apvIHkBLqhrL5xMBN8yTr2_F7Ivsh-Nrx2ldlXPy7fwJsA&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 10:22:29 GMT
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991176813&oz_l=3243&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2978 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31302D31375F31307D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.172&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=634d020751aff&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129648
x-xss-protection
0
expires
Mon, 17 Oct 2022 07:19:37 GMT
liveView.php
live.primis.tech/live/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwY1OTxkMTp1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD03NmpzrT00MmpzoXN0YT0kNwY1NDQlOCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT1HYW11paMhZ3JiqXAzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNmIzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA2LwAhNTI0OS4kMTxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmNGQjMwA3NTFuZzYzpaZhPTMmNTIhNDtzYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2NTx5MTE3NwtmMCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmRxMDIjNmZxMwM2JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
x-amz-cf-id
CS9CXjfRZiYGRWLrhHeB7ugmAFBINBk_9_TvPjpzGigRz55Eip3IdQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8F4F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJKXovHDBVCg8zh1pzuwCxHyga7oMClsua-VY2DGCZUwGW4zx4pSX9sRxIFJI8Cx44bUnlXmc7qJyc2eOpR4CHU2NV0h_cB8PldncuDmAd5ynEn0hAjklk5VLnHbJdyC3ntqxYXlIcxkHmKQ1AQ0eztMfdwyclfe1qXGYF7G3MLG4K3Dc&cry=1&dbm_d=AKAmf-DGn9s9EaT0TMuwRrCxJPw1RwTPfbS4jvG-8iNxKE8NXRbXpGHhsfsgjXwc-baSCaEj488nOgvr-97RVorO9NknoDHAJ8DNLBMGcosMDWostedENOhqTpk6B1ZgsS5XhrWaX8WYY_o3bdIuRgOBWWIPnRVm7GE8wgU5J_H6Xu-7kZ9ktmkcpvZe_Xv0ETUhuDA3yHKKwoR67a0gOsZXyKhxkm5Ay3Zn4oi8Me_hW4yRXYiddJvf4rlBOPCOm8O3LndLUUfn_2OufX7iEVZdMhBQ2J7XWm7mwHHUfu81K_w_Hqx1rMeXdJwBXeLa0NQU_fFviWZH_NOeK6QuvizwH7bprb-H5AhGd6Oz9Zu1vde8AXwJQ-9jr82YoAullGo4KbzWLKuQq6yh3AgFOEVwhjhXfaQ4EkKg9K547SHGK2fLHwmOMhMwXuRLmOnL2Wk26GgoUWG7-wWLT_vvaBBOdOh9MOe8ZtCLLi8NxzDYeJW-zMygdOtIvjK6dHqFOeyKTmnjWrwcRbQSlKc5spV7RYwUbPtNLC_kIabU51LL-jJ87i7q-ge0-kjjih7iE2Aa9bmTHGdod00SUx7496GC02T3Axr6R4pTJ9_VUON9zExlwwuV_091SQtLKeCmSE7SyQzm_tNHwxOEJZn7AZFslAL8zsSc9nkmSiujzggi1ZmlLc8OYiqhuVms09IWwle1U1Kq7V3oaSnDveGY3MdCa8t2dPQxzVcQzr-weDmokrgCFFLt-n98Z3sCPb_IPCCJqi4p_uz7MfMb3-DzBCVXFZXMyOtkKAvaG34Qe7sHmttSRqOywYxprqE4AhSQboUAC-PsDYqfnLz73usMhBDpEorJItbGPBIx7pum3iuO7Z1V2HtYyjfpvOpeML3fII5hwtfhDLO7u7bmw2lccPcpoXq4MLzTLdokdTiDRta2Qs680DXI9OgYTSu08ZLzER55-jOGqFIQqHtTamK9ugV9hz66JH8kOQrtlHOYxkh94Nk1vdiqf8GuYijgj8MLuR93vivZRhkV12da9TTh5sua7y4ZWFOKRnLSe7tPbc0wu2pWaiKaTyq6qE2lV2oSdt3SOWTR_UHby-Q6sbm4BakXuG9Su1gA7lexjB6NI8LO5bA6ZptMNNfJUmfXhOqISaMF8nreLqSZcjIu1reigtvLXvmYi7BNKPjGugP57BhBYagRCAh_9u5zoX29RimQ7X9CQw0znljYg1MvNVABQrlkjIfvY2ciAlUzB65tNQbXgFcJ-JfCnAoEwDgihFwwuI73Mpcf_FwMXs-CmqE0BFHcYqUs45VgDcOaD164PxnYsOY2Tx2xcIF8TMKLWZP8OgtUv79jnXuOy7UFD1-RfkFF10Jwje437okntr4lnq8eENRtbKDJhULwneVk0mybsm-NWfuImKFBc3Oi3EsmgnTzhza-GqxcQM2GNNYLorX1zaAGsJ3iztBTfYew9K6R4oRJl76x5UmG6zzWB2FcpbUpGj8XCR9BLDTC0PQ5lEnR_1D788PYFiTWobx4h0Jd-q3DM28pXZMoHuUwH28EmL-Sd5t1PQbxzUen-ypsfq0wftIPo-h0VMvxaNaYhynhFLc4ZJxawKdnO8ZBUstG328beBA8qEvkpX3JOiKiTuIGoSsiTihVJaaVgg0sPn01LVDYid_M6KfW1xClhG0jnLVAN84l19c1oCMD6YrWojYApyW64I-vSqk6PcLHouDN3UtuYEHVPpZhVefiKKFj3iu898jfPvVkfk310255118N9Jo4jUi3wSU6NpyVvPZG9o4fYZGwm4L5eCs2P0UuL4506MqbIgz3pP7aaIY3F5THSWaEwdQtw5c07MT1TEJvw0vHZJRQcbE1lq5Zqt8dA6Kx9QQnxl6HEbPgHVW14keDkn_fG7rksHzHC1hP9_9QkqAj3F34XmVJYkLd3NhPUM8oOcHVhT7rErXabIsKqTqmUEQKuQNq9ZaYsoCyYhOFasL7qWzcPocn0j7VsjeUIbGl5iCWpVh5NtbErGbZREB7-W9BB0SECPRrx587cbvLcT2yTnudAFqHqJWjI5Zn3pFQGFPXHurWc41qlsrO3Tkfs4RjeT89QNENLtCw3Rn0yq_-Vi4u6RJrc7zX_KZ51GkTZloqcDhXBlGGR8GybTQaZAqFxkp2sGdUdWh47-9lG_yCza3Ts8SMhndv_0RYHpQvx7aP1KabO9EemfxUkWee0ROaMqEZDfMOYjsfRWIgwj2yD6c9vaXhTRURxgzL-XCgShbNcODxKbDsF7pV9AYCbihADX0hmeA134b8Sm7aaAw0CIXWBMOmgsvrwxMQq1EdJmlBXo2Dt4JmzYytG2UDAf95kMBg3SxXJf7Og9J_uIER7H0uuY0GR5ADNzz72DIaOjIxhQLGk5Il2e3xZQa5T8nf1XKS1FcxL7mHdG-LwozwPacz44ISPmxWVcXtQ99rFHXR70F4FPeOvoZrODZNDRlQ5zSza9WTWoxGwVpCj260coo4EXj9bq3QG5wH1l8dKRqjdXrGlIqgq2_zyWBOE2Q0DXz-6hAOxruaciagaMXyMaO2rcNmJUEdXIomHgkgNICMkbs-g8W172lM2WBNlYaQnnDiAgK-b5Nt22i2Xf8eYj5mA8Q8VA4QmFNJjbiCkX68FwF9KGQt-QEQlWToxfKZVzCrRWfGyRS6BEBDFZYhxHLeFceD4HerW-z1kcdyWvWlKo9-Alezh07rRUiMYpDYnP8Jpmx_XJgB7-X2tPBzqs7hIc0LA82ia99T2EeiB2WTEhTSWpXqz9Xc0fVVSP2oJ53-_hjGubRoptlwSLAQu_kPm5ffC0jyNdXgOgnj8w7olSrdyLqEwxh7_aRI1OVkDhbFC7bGwmYywXeZVAt3xBJ9s_ofFIGK_3BgYLWfcqqUJHuntWC5NTnAGvwiu7NEBWUy4pi9DoeTfMisCxtC470bcwEKXnu8B1yIWon6ZfCN-A4gnaE9FgTukQ5TNIUWhkpClth16Mm_ivSZkE593zyc3SuH&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 10:22:29 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 8F4F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlk...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxd...
47 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
ba7ad249431970601e976ddf2361e9c49b535d586421f6256643a4295a1b5aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19521
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:36 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0032 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2216600
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
H-A-IKIe3xyVb4S2WxwdjgXaXZCZYKXLTlDdQZA2k2pbBbX6xDFJhw==
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzrK,pingTime:0,time:50,type:c,env:%7Bnr_rHRbA1:0%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:24,metricId:rHRbA1,cmr:t%7D&br=c
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzrL,pingTime:-3,time:51,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzrN,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&tpiLookup=ao:wegotthiscovered.com*&br=c
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzrX,pingTime:-2,time:63,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:832,beZ:833,mfA:835,cmA:836,inA:837,inZ:840,prA:840,prZ:850,si:855,poA:857,poZ:877,cmZ:877,mfZ:877,loA:885,loZ:888,ltA:895,ltZ:895%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:24,sinceFw:38,readyFired:false%7D&br=c
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzso,time:90,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:90,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991176971&oz_l=230&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 8F4F 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ&ias_dspID=3&ias_campId=1008940221&ias_pubId=pub-6897902191714833&ias_chanId=1&ias_placementId=18267969278&bidurl=https://wegotthiscovered.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hvaL4OoYTPP1dI34g2SKpH&adsafe_url=https%3A%2F%2Fwegotthiscovered.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1,c:rhCzri,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-f7v26,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:3,mot:0,app:0,maw:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:0e505734-4dec-11ed-853c-26350697d102,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11730
x-xss-protection
0
server
cafe
etag
9319256901541695429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:53:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 8F4F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ&ias_dspID=3&ias_campId=1008940221&ias_pubId=pub-6897902191714833&ias_chanId=1&ias_placementId=18267969278&bidurl=https://wegotthiscovered.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hvaL4OoYTPP1dI34g2SKpH&adsafe_url=https%3A%2F%2Fwegotthiscovered.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1,c:rhCzri,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-f7v26,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:3,mot:0,app:0,maw:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:0e505734-4dec-11ed-853c-26350697d102,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 30 Oct 2022 18:53:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8F4F 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7AmOa-N5ciN_Un51Dhe47LuZXtxjP7d66zvsQ0gi3Gh5rx3_ikUPjDBz405DMRyhfAP8rCcmG9Enp6zScAn9fSzb-V9-1yYY6ME1PdSS5syUJCY5CrAFUTNhEfKMeMno_b_ezKiUD316EQ2lW2g&sai=AMfl-YRXswWKlJ2zKyyTktGpPFt5Ke-MwqPPJzhZnXWbEz4W2I3nkQgrT2Idcq5F6maVt4_R1YGea-dzK46EZnFeYPUjntI12sPGdjAiRD_g9b4-pyxpSYMCkQFfNrJSbv50DFR1&sig=Cg0ArKJSzHlFo2E5QMBLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221012.13658&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ&ias_dspID=3&ias_campId=1008940221&ias_pubId=pub-6897902191714833&ias_chanId=1&ias_placementId=18267969278&bidurl=https://wegotthiscovered.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hvaL4OoYTPP1dI34g2SKpH&adsafe_url=https%3A%2F%2Fwegotthiscovered.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1,c:rhCzri,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-f7v26,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:3,mot:0,app:0,maw:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:0e505734-4dec-11ed-853c-26350697d102,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
web.js
ads.celtra.com/e92f74ee/ Frame 8F4F 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.celtra.com/e92f74ee/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsunbaqstOtkeHd1lxrldgLoSwx6DbZrkInDgjK7pJ6EYCK2y3e22JWeGn3lalhn0Ks2tIwgQLDFBM2kUr24TbL4-g09zy7WriKMOCt34Og4g0Os-TUkD22fJo0l223rUMUwl5TmixrKHxGggYN4RtJQM95HoqNFDAx20PWbnd_RCzzHtKOTeEntQ_ozcUyfaFPz116jiZ1wU6b2bYzqynHBcLItOiAJRAYcQoohifTcjXE_ueeJ4khtfNFzgkyW8dr2TqKLlrC5tE2xZaSOpdQdS5T8-vmBLOSu0G_NWNyeawKgGmEwQi_4lG8e5RYh33uSYF5SA8BUIS1oCghe1M0PKxBElwLXR0-nzzFQDxsSM0g_6g9UXmUM1ZOTy15sbBOvy6ZvfUCVor-7Aq6idXABMZNl_868MOUaUh9pTd02iDqYARt1xaixTZzSSPc_fY0L5K0cp2hg7ATarxCS1bcZWA1_o-CW1Bvb59HUIDsmXtW7xhUsUFIU_R1HtOFVXyCf_V1CxOms8e6OTzbV-h47iYxUFn7-K8egTpd73UbgUu5kjQbcbPdQAiU5rg_AnJsRSGJgiDoBnalsIK2nPXfyVZE3r2wtmUX14y-Mj0jKQnOQA8ydgr94nNUwfXRZ1XkIl3M84qbxT7gOJKLfb1wylioSP4JAQpQAU_TKAqChWmAfQX45dJwiV9ofoV0OaHragWn0eeEB58NfhOtZrXts4mcFP0oXdzUjpx2gmXMwGb42yKzwXtrSGh7PYNB9CYBJKBQGW2oapZMaaD3-n-g-krLdrkXcbtZ7YwzDSTgXwFSAzcYriWPoOMuW-km895H6nDlHyNenIEBXfXdMGgX7uSCW_1yUKLgksV047HLYtbBdTPn4BXNEG-MRk2kjec83UQnplTWjVGlP8HKW8sv89ivEu0eTmDcXFpj9c-MJ-uXfqUAeGx8XGwqnjgfCUcflzz4UXekSWlfF8CvBIujFDY72Kpkw74Q_-hPB7gSJCCb0-fEZgbWxz2NRxXkoxjxh5ZOXNJkUBtKPrsiKsfnpHHugvO3N4BM622GVvYxKyI_V2QlQLwPYN5DLDnSvZbYSZN0JWW3mLFMDp0PLnNnVMo53qW1wElDjtJBEljGMGGi7C1NviUiiI2OTDS-lvR-qdPKQm7loRCbSVzklZAGwfFXNkvmyIad5D-sZnjRo3ZryS6NNPAbz8SrE7XmurliDGZbYbmsKGuSp6oFda29Z1f2Nzz5fRBQYtZaBEyC1lU1JFEU_VzIWUvce3RZUYHZVn9n5JBmwSZYDJHSh4a-qZCs%26sai%3DAMfl-YTJOkX0xhOrFzWLZt-3biJqGPRFAgmvoU8kC5Ot3b7X_7pEu-0pdZjPBs4PYonbdaPEiuuNz3L9astFHWNnLhvYw85pQuZ_2pQiFgqMxuOaEIy8Co1CFK4yTfzE4QfceaUiERz9F6UTcOm7z7jJa9vpERLM4r-hLsoie049WmHsSeo6hgw8iu2f6TaeRabMtacz_X2D8_8yUKCyjDh_ogmgWm4W4HzI6gknqs-Vvpu6zaa5NRFaoWph1kcq6ufqozfIr-sI7lLMMhW8OAn2JKfvHmGJWrM%26sig%3DCg0ArKJSzHTYlPTTBZ2yEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=178499258&externalCreativeId=178499258&externalPlacementId=344701385&externalSiteId=5081253&externalLineItemId=538551370&externalCampaignId=28397668&externalCreativeSize=728x90&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.no%2Fperformance%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DNO%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-NO-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1665991177.093&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=09263681744822305
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.220.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-220-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b47c4fa5dc6b9452b6c85baa164141a54ecbb53d43f1e1317312f4eeab895a69

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
Connection
keep-alive
Content-Length
5245
Content-Type
application/javascript; charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 8F4F 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7AmOa-N5ciN_Un51Dhe47LuZXtxjP7d66zvsQ0gi3Gh5rx3_ikUPjDBz405DMRyhfAP8rCcmG9Enp6zScAn9fSzb-V9-1yYY6ME1PdSS5syUJCY5CrAFUTNhEfKMeMno_b_ezKiUD316EQ2lW2g&sai=AMfl-YRXswWKlJ2zKyyTktGpPFt5Ke-MwqPPJzhZnXWbEz4W2I3nkQgrT2Idcq5F6maVt4_R1YGea-dzK46EZnFeYPUjntI12sPGdjAiRD_g9b4-pyxpSYMCkQFfNrJSbv50DFR1&sig=Cg0ArKJSzHlFo2E5QMBLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=7&vt=11&dtpt=6&dett=2&cstd=0&cisv=r20221012.13658&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1187894/65962642/xbbe/creative/adj?p=APEucNUJq12RY64ys5UrhkeuX4F_EnRQwts9Az3I5_PvoM8WlY28ovY&d=CokBAKAmf-C8d-1Q1h8qUAutMYJ0PQkStKNxTNVTmfB6EgOvwVqplUujGvBLnlkpFcNR66BWx0f8ZNhZ9hU8UfSxdXPNBf50cihqvz9dNY7TNhSAwDLDkUQWLfiZySe32P0_TgUCpCCsncGgkznKcNAEYwC1aGHwUUm7ob4ntj7lR5Qh8GNHClcuTyMSqRQAoCZ_4PRkKbMKfzNHp6_h_IlvnpYYfdnA7XoPG4id3Rx_R_-Xd8JI4ZGDERajGJ2Y7ZijvJnjT_C-fFaPsVV8e7lULBf5Y3JCqnAWu2CIU-uqmLCiCrdhvuS-avlgv-7wZsKvEZXHelDeNLM5r95VQtqDUDZr_N9qLzPteaAXGBBGoWBP_93QiGcJhF-ZKaIzo_SOeLm3ARZzkOiNm5PfuRBAIA_d_ngAN7UV8v3qBCOBwuq5Js1-NCTAnSde3_qAvQN7A0bKnPl_qwZCapHNzaOzcXHKU5i5r1CkXtWYYakRpiAJ5PTkvxKyxeTuaHGcNYvWukSwpSQ-B9F3KZNl3Sx43bQxyXH5BSIbz2wyJLnKWYBlg4t-IrS16dH7sP8xAfr7bTSIbe9KDsqKMfScgVc0_jt5m5KSO7UpoNtf_Bfqlnw5rCAJIu7sC7cCe1lNvNe0gnMZzI5rdkIMT3e8sNW8GlxDOeoN3Dr9Sa62Wrd2HJzuL3IDfKBk_L0x7VmJv56PJDqVeUBQxCzU6dvDYwqXh-F8pfMmcfhAPz_pl3Mxtqk8hCpqtWcUPhT-ZG58W7WthZM1Njc7jQH6lwQEwQwH4Iy44cexQxEFddhdAtvAQ9l2NomNcug91E7odcmAMedeolagFnRnJn7txsRqhMWXa7qdaTZQwgLtLhq7OBWTxC6DrRt31zypG7LNaq8_JzQ8WTG4FNq8dKnS8I7rSpIr0Vy0W0BQ4nZNLmi6TqETv3sZfcGNS5z1q-V3xhJcF_p32-5xEvU5KaDVDkWpaUNjFp6sglRj9kmW3RglDoqOFpDiy9DyRqB_8uKjDypc64jCA059LVk-FwIZ1RApzdfhK-Jezx-gLgdQaiMfVxsn-7AxLroiKxqbKCh4Jn5N6JKanUd81xb_zj5fe3EKq8Bm2p1tCF4CpaUbvRXisZAwdedLwOyp6-ZQkHoBVWru4jfW2br6SPfnJfpDHtpDWm2J6lgMptLkvU9jBABq7_zLzKgf9I-o2E77oJXbz4KuL20TKBz8jPdd6symPODs-p1L1lii42m6YBj7_mP89k5haQI3YCRVPPv4ynrxTMGws-FaECETVvYYi4Xq_cqySuMbnK7sJISbtbTzLtBGATh9ogRPawyMK2ju2h98CqTwcHjBk0PMXx-9vRYhRjUdnTd7eh6qo-f0EfynzuEMniHPmR9nqvxVzkz5cZohZKtHdUbEsnmr2zQ_Y_snx3zI9RBumJTo_pgFTVKSZ6vp1920HpqPKKc41E9pS-JgJzVGGX_ag97uvCM0xqjkYDKEDy-g5rAybkH5xIGzR6T2q2kqQEBOMBCrTBskBdp6T_NvepIUapRRRYA8dr6qy43IzGd3_9aGIETEqWMYrUqoHqDJilopkef07tN4ko6WhWfrDXHdme0P0jPktr1oZuFjIDK-1MjhkCFnHgC7B3MM0sST4_ybdoIdY3V8luugfJLGoFg3HrEoOhA6BUto6uGj-_Z7Hn417g7A2zEWchImoEd1KvMPMfHQ46vKWN6nuqG8Tmzu4OPjIoofRTZdh3eA9mKfM49dUNhpdlYROk3n3CaOsMercbyQK-hREjc_pd_tY1ziGU5I1PYRBTh5TY17MMtq1-Z8v8s-Pz6164-dhg2yB6VcdwDx840t6v7j8rOlytbDz4exQBhPbKjeodl1-KVV3GgPCSdcHrS-YATYIuH6TxV2o0Fa3xPH-bigmK-hzYDzQm-4vh1borv-A3AuF7URb2PK4PBTCqQjmm0JHnHsWpEs4HTyYEuCJ2MBR6iiOdGcS3H-FteN9j5HPis3DjQTmZBTI1IqE8dA8jg0Rm1yrlhOIrHBBg-WcV2vPLsf6HUqRTm2cDBfa_2sC2mSLmDNImtpI9asUVQ2BwQoQqTsowfpZipVPRRrqZ4kuMNPJLF5GMpzPbmqxpwIKpoF3lHwxjQvZMJn7jNoTPDMZKupVJ5phSe7EL09Hbx15yJomPW6XhHIiavTDVaueFvz4-9toeg5j3jDJae2RfNWkpylU-FeVEM7nXt08womw5rYx7wKTyVlYJwCvHN6-rhbH_Uo8G8CRkmHQGBdCI87FMQlaSBhehVO2UEHttsBG5aQzZPjgRjRClZsUqhnWBlZiDq7j3kSR4IiV1FcoHFnGXn68T3CxF81IT2cmog1EKh6pEspeEKZNFid8anXwouvSFQun2exawqV-9ZwZuO6mVvF1ctnLgUOSNml_SvgJ908zFfC1Fl83x6c4E2gghRanc_Ku5gA7mgsdG8jSyaSrZ5W3xOENwBLi5j_zVhHCYniMEPD1OWuXjGLylhHzrDyx4XaaE2MCLf4DYuwBEU5IE1TzkLMRWbrkxUTpFAQKgXjL6mESkvVsMhjz1VTP8Gu5Y57hKYMDgRol5OzbhHs6NHR_lCh2mWqajLSiqrjvnBOONak6SDEUjQqCi-0Lc4yR_GVu57GNa89AbVP5CmpZI6kj2DnCC1J4-qPm-GkaURg-0exV7FJkr3wYyWx-73b6GqBef22nqaURrnme61kDp0Ik70t-YjO41Gd1ZDLhbDHXfVewpYmg3M7NkBGpTcxc1r_ObclmZB-aPtkSJ3kirpApP7ebGQuFpwNZDpkA3j65UDrL84AEIneX4dIYyiTI-NJQ9LHiC1jiukm48tpWbY8z_ltBfz1HC3mOXDmF1Edhu92l1mpIX6XR7Ru7WI2_FT8qSIWnZGwpbPSmeBt6Pm94drv1rE0smE8jNu3WxkSR0DcbisA2d9UzFTRRKxpJ5c6hPLroCJredsGAwEZX-cqLPNqDUhlWtu3tk2V1PzMbRkwxWFYV2DFoBmgB6zN3AhdBZ8NvmF71f4LiiZ1o7HZ7vj7CBGwj9zWaTcEgUcATVWwN-6z9g3Q3GPEbLYHuibOIifBYdhMwR37wSw458Iie7E9QUYfIHso7cGPkePSUxnhQoAElrm0xlZIQq5VijEOcGhmpRAfYT-AyUKPeGmAKSzdTSHFtJffp5OULK2549hMv2MY7oyqFA4GaQgoqR34pz-W1AKvESheGgwhqEcVIlmeWhEkFCx4gcINEeqrMTptWcSXq6hrPP-O2I-hPGRIliPRYl7C35XlsSXjAFPGFSXR4U6y_u0_kjBLbN_wmlSis-p4iDhfgf5Q9nWf6Yh31xTLSgNVwFPI31ibbFluOLunON_1zkagJFVsKY3WalPr9dpIWgYUKzSso5p6rDVxRlHY6ShjAfsOngQ0nt7isWVhKYq_r2W6ukjSW6-QePEgZfhYznGZ6XbiIbzL55MDfg2wr41v87onsg9Bbmm5BOfKFvRFYcNU-wxAU-npihEZ9cAOmRH_742hjYyxohMY1qS45vKy0O_C3FSXqHLXj0VOHbtKNvyD0z5x1lnx3gADzpZcDHuJZpuLfiJlvWC9TbrAMuD48PW7KMDNC8IPmlfoFIgeQ9u_Zba8INr6V77uN4HQADoaRggEEj4A6tujfT3uQpXVgow27E-OwyXQEazWtRT8Z5cBHsRG6-7xRr3vIuPwPQpwCVu7XifL5hAzi7AB1gEoPkKs9BgBIA5gAQ&ias_dspID=3&ias_campId=1008940221&ias_pubId=pub-6897902191714833&ias_chanId=1&ias_placementId=18267969278&bidurl=https://wegotthiscovered.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hvaL4OoYTPP1dI34g2SKpH&adsafe_url=https%3A%2F%2Fwegotthiscovered.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1,c:rhCzri,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765f644cdf-f7v26,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:3,mot:0,app:0,maw:0,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:0e505734-4dec-11ed-853c-26350697d102,v:19.8.355,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
e531c85b-b7cc-45f5-a972-c8dd53ec8c10
https://wegotthiscovered.com/ Frame 2978 		787 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wegotthiscovered.com/e531c85b-b7cc-45f5-a972-c8dd53ec8c10
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef1496ada1a9e18163b11ca047dd9c4ab447472b4245850331fc3340650eafd

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
787
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991177140&oz_l=741&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ad.html
delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ Frame 8629 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
8274a9541622155d88e2a8d5e021724e2bb36cf5d78db3cbc856b068c07e8626

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-origin
*
access-control-request-headers
*
access-control-request-method
GET
cache-control
max-age=14400
content-encoding
UTF-8
content-length
6779
content-type
text/html
date
Mon, 17 Oct 2022 07:19:37 GMT
origin
*
server
CloudFront
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-cf-id
68aVzxEjO9x336105EwpqS5lVJsIQmJncbvEJ-6tjbpvCczvGi7frw==
x-amz-cf-pop
DUS51-P1
x-cache
LambdaGeneratedResponse from cloudfront
x-lae-region
eu-central-1
truncated
/ Frame 71AB 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9f92c6684a2c007f65da0d7df941089a57323f88b56e1916970dab9ff330751

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 63DD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
257379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 07:49:58 GMT
expires
Sat, 14 Oct 2023 07:49:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E0AB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
257379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 07:49:58 GMT
expires
Sat, 14 Oct 2023 07:49:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzyk,pingTime:-10,time:458,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665991177308%7C%7C1fae5cae73b33166597b53c123bf1a4d%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C98ce6f7db8b82a84015de35a0ef396a7%7C%7C374209f25c9fc700e710dd4c4ef0e978%7C%7C2dd8f892b52096f183adf8508852601f%7C%7C7ea8a27a1034d557de2dd9d863aef2a8%7C%7Cdc46826d74312ba750f069c5e0f6c817%7C%7C1663701684%7D
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991177318&oz_l=4298&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
fbbdf2d8
celtraidentity.com/ Frame 8F4F 		93 B
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://celtraidentity.com/fbbdf2d8?countryCode=NO&readOnly=true&cb=__jsonp26193118598336973
Requested by
Host: ads.celtra.com
URL: https://ads.celtra.com/e92f74ee/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsunbaqstOtkeHd1lxrldgLoSwx6DbZrkInDgjK7pJ6EYCK2y3e22JWeGn3lalhn0Ks2tIwgQLDFBM2kUr24TbL4-g09zy7WriKMOCt34Og4g0Os-TUkD22fJo0l223rUMUwl5TmixrKHxGggYN4RtJQM95HoqNFDAx20PWbnd_RCzzHtKOTeEntQ_ozcUyfaFPz116jiZ1wU6b2bYzqynHBcLItOiAJRAYcQoohifTcjXE_ueeJ4khtfNFzgkyW8dr2TqKLlrC5tE2xZaSOpdQdS5T8-vmBLOSu0G_NWNyeawKgGmEwQi_4lG8e5RYh33uSYF5SA8BUIS1oCghe1M0PKxBElwLXR0-nzzFQDxsSM0g_6g9UXmUM1ZOTy15sbBOvy6ZvfUCVor-7Aq6idXABMZNl_868MOUaUh9pTd02iDqYARt1xaixTZzSSPc_fY0L5K0cp2hg7ATarxCS1bcZWA1_o-CW1Bvb59HUIDsmXtW7xhUsUFIU_R1HtOFVXyCf_V1CxOms8e6OTzbV-h47iYxUFn7-K8egTpd73UbgUu5kjQbcbPdQAiU5rg_AnJsRSGJgiDoBnalsIK2nPXfyVZE3r2wtmUX14y-Mj0jKQnOQA8ydgr94nNUwfXRZ1XkIl3M84qbxT7gOJKLfb1wylioSP4JAQpQAU_TKAqChWmAfQX45dJwiV9ofoV0OaHragWn0eeEB58NfhOtZrXts4mcFP0oXdzUjpx2gmXMwGb42yKzwXtrSGh7PYNB9CYBJKBQGW2oapZMaaD3-n-g-krLdrkXcbtZ7YwzDSTgXwFSAzcYriWPoOMuW-km895H6nDlHyNenIEBXfXdMGgX7uSCW_1yUKLgksV047HLYtbBdTPn4BXNEG-MRk2kjec83UQnplTWjVGlP8HKW8sv89ivEu0eTmDcXFpj9c-MJ-uXfqUAeGx8XGwqnjgfCUcflzz4UXekSWlfF8CvBIujFDY72Kpkw74Q_-hPB7gSJCCb0-fEZgbWxz2NRxXkoxjxh5ZOXNJkUBtKPrsiKsfnpHHugvO3N4BM622GVvYxKyI_V2QlQLwPYN5DLDnSvZbYSZN0JWW3mLFMDp0PLnNnVMo53qW1wElDjtJBEljGMGGi7C1NviUiiI2OTDS-lvR-qdPKQm7loRCbSVzklZAGwfFXNkvmyIad5D-sZnjRo3ZryS6NNPAbz8SrE7XmurliDGZbYbmsKGuSp6oFda29Z1f2Nzz5fRBQYtZaBEyC1lU1JFEU_VzIWUvce3RZUYHZVn9n5JBmwSZYDJHSh4a-qZCs%26sai%3DAMfl-YTJOkX0xhOrFzWLZt-3biJqGPRFAgmvoU8kC5Ot3b7X_7pEu-0pdZjPBs4PYonbdaPEiuuNz3L9astFHWNnLhvYw85pQuZ_2pQiFgqMxuOaEIy8Co1CFK4yTfzE4QfceaUiERz9F6UTcOm7z7jJa9vpERLM4r-hLsoie049WmHsSeo6hgw8iu2f6TaeRabMtacz_X2D8_8yUKCyjDh_ogmgWm4W4HzI6gknqs-Vvpu6zaa5NRFaoWph1kcq6ufqozfIr-sI7lLMMhW8OAn2JKfvHmGJWrM%26sig%3DCg0ArKJSzHTYlPTTBZ2yEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=178499258&externalCreativeId=178499258&externalPlacementId=344701385&externalSiteId=5081253&externalLineItemId=538551370&externalCampaignId=28397668&externalCreativeSize=728x90&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.no%2Fperformance%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DNO%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-NO-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1665991177.093&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=09263681744822305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.58.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-58-88.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e565ad49aa2949fa65c14fda459c98b01cd06a710caba259a67dfe57e1e0bc0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:37 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
ETag
W/"5d-Y4aquLDBppt8h8a6oudEH5wKDH0"
X-Powered-By
Express
Content-Length
93
Content-Type
text/javascript; charset=utf-8
truncated
/ Frame 8F4F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fb6c3341f686c442a6641a06c802d703d63cdd27622c766ca0042f85df67212

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991177500&oz_l=1143&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
bridge3.539.0_en.html
imasdk.googleapis.com/js/core/ Frame 8466 		687 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
56b3b5056e215c527846e60d3c1244f74b9ad5435f41bda47d354e027f29df49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
210240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 20:55:37 GMT
expires
Sat, 14 Oct 2023 20:55:37 GMT
last-modified
Tue, 11 Oct 2022 21:54:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2978 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Oct 2022 07:19:38 GMT
integrator.js
adservice.google.com/adsid/ Frame 2978 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
w4qma5wstXLbfLN5oI7shCu-oFOJn6s_edd673-SvSMGERuK2ea5lGh3UYXithwPogzsnZ8mvIYxaZeFhvJ3GKwvG4vZCB8n1M-ZGxTCzFrFnGaM76121yS9XCmHFuQMNaGxS0Jlcppa4xyIxIW5ZADiIBCoWRqS5swq9uwutq6M0Z63a-Puf-GTg9ng-wyS3BWZR...
ads.celtra.com/continue/ Frame 8F4F 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.celtra.com/continue/w4qma5wstXLbfLN5oI7shCu-oFOJn6s_edd673-SvSMGERuK2ea5lGh3UYXithwPogzsnZ8mvIYxaZeFhvJ3GKwvG4vZCB8n1M-ZGxTCzFrFnGaM76121yS9XCmHFuQMNaGxS0Jlcppa4xyIxIW5ZADiIBCoWRqS5swq9uwutq6M0Z63a-Puf-GTg9ng-wyS3BWZRcNTRsHwNS3TEUc6e1sLjkLVYd3usoVR9ISwJ8h1FiueF37zGEevCBihr9iWdSmYX2iVRxToJOtG-8pMmgkxbmFiSyX1cO4-1Hs51POMw0ZIT4zpIdSb-D9FbhHTohVBuYCG4NfhV4tou3aa5s93YptB2MO77JRrGro8zfwrg9-NZK09G8ZWPyCp5_siP34I4EwtncrgDrL9GmMPKa9CdYM3nZSf8wstfNeQbSOzX1G1zyphoqiysXwQzBrNtwY_9pC42W7_3RNC5W_g4aSDIHfNzaAuVbhtiSsdfLUV-DIBaNiSlxwAMVPsHA3Sma7uDVhl__OOFZ6wFjW09xzotOLlDmRpqGZMOQwS-sa_vSpYfJMJLykzJkIk8NdboBhfDAbWnBeRjY40SORj-zC3KeoPOi5xicU_WqNaV5CAHVEkJ1BD60y0VTpV7t5b4AHiEQFwoMxK061S9ycHQIji66DuMYqO7xT3PLWtS3pXAKobR2cTIJMRw5u1sKbQv2iuFkbLWIxBKf2h-L_j9f8yjHwA_nrNk6gW4jIO22Pri4vFF3wA514GLcch1v9-CwqbkEb2kRnjlqoDvmWbjggUrCeR7vAKi4L31Xib45CZIB4mOrzKuvijwIaz6XAW_wV2WZp7nJrntKCcJq-GeIhYDDR-x1M1KQ1dntxyxQ9e1RfjgnbrbI8pV9wOb2orjLzyvPLo-dqAxbrKv3TyqvpwdeC3eySUgaafMGoq9MmzJJWvfW-lXgpXvUKBWwEtjZsfPg2WCO4kmiact8hgA0QnwQdNBf9lV2QIWwpIFH4Oc7ZdL09NHn4_z1DWueF7uMoDBfVF-3TI9B8bhucgoBKrSECa7Wk4RRKAi9plC6VxLmjId0kSuJkk8fD6GQbefuiTvg5JYqFExr8bW87Hv-R4eZMguqy2imv9iS2Jvkv5lin44OmSrm0PZxabYRPBUIqUP5c0HFHnzUKTmyNNpgecQllmG3c-JAadnk2MrpKpyRLhjdg5ie6_zbqbMnEfrIn3sHXkN7bSdyfgMitgBtbVQP0vs3mSTgfdiV7CRkc4n9WEkTlQb-Q79IqSGqB1Bcdo8U5xG0UYN1_xYN740Tdeo3zdX7ntNANchpJae-2wtLZOnuneZo6G7QZjDgoZBAFE-mCA1z5q6Hi6NZgCS-7FF7jjWJK_O3H7UzRHR2iZcSRiSuCGFxAfE2FPGYpkRrQhQYtg3zN3ibODS4K6gWFnelGZLzO0qmYVtUqY0dC8gk8Usu5LOMHfCtkVBs2sJjP7-DqfROzcLOIVD5bFSLazTwBXicm581leLwQhzy2E0G47q5eT_9-WXmj1IsWhm8yi7-PSjhw3CXnwwTKDdaXHr4m1S9VWzyZVZAM7D6ykk-P1nJNN7zQSiwCsLulvGhkaywW26EbewPZyKb3l9-Ov4RogMqlktnc-EP4V3uAxQPWmxAJDPLzy1MITbvCBv0hNvIY1-UYSst_y-ew3QM6_l3JQ70sXo8tgHFzW3_w62fyWTYYacDHo5keLqAfFejcoRcy_CSJx2whY73UjTo-JVBxAUfcsNw-D5EsesQWDEn3LxqTaKRQGTBJ2H-t6OUMp2ml6uuNLJCS0X1ovTkDM_FleKii24Av4IidH8YbYV3tDordsn_jeH2Ex3gLIIyMm1z9vLQWpWP9gXZJ7_KY-_LxH7oKGw8ymGvViWuJSO9sH0wSn_MLEpHcuOOPxI_BO_Y39ykrgXHj55VlSjIkSK1l-qvJodvd1m2da1T8zhfG0l_ejMssBrl3TV9q4sRMBqV5S9BC0mGFlDdtXd1pCi57QRAo1fjr4C-r_0PMWB9butjYxdrudQgf5xdBCf9EIIlLiWe8rOwRSH3FDGNRKO8-Bx6VtObzuDN7ksa3t0_HUKd2bSys7j1KQNh-8Z-oyYU_blGzLGBdTZywIGK30nDhUkR1VwaJvKxVhzfJnB269PTj47KLfer1lMCDHwaqwhV7vikYlQUaQUG68OzQ1SEu7NaIJL3qi6lIpNy4ZvQFb2MtQ3iG4BJmSEUd-GS4Vk1BCKr9SWwVvrIF78-8VewqGVifQTviVkTJL7CTMkvF1m1rhPkPXyNKpVWXXL2YaroZ1Rxs29vuPdk23m1V5oUCTcXR-Uhsi27ZoPirxDFwHOiD5v-qAJaJOJBeI01gz2zFDHw1c7c_XmAKVLab_WiRvIRmRERnBs1Z4-aOeiyPp5wVJtvK9H1safSsYuDfWQqVDD_-NMPlzyPRYBJfHP0k1ztm4jzFBnBsAv3gM5VUG94eYcWFTSf4e0Mc7XkOPnF7O8f76J48YYQu035luRjBvHCrBIFKJOtqkBSXUh_-iEF1Ksomg_sOS2Jb1bVNDUdG6qfsBgxM3HUBXDoeFXdeEIroHnkogSaTVAWZuGlgQs_LbBDtVa43XJjfXsKnq31O8HIoi81gEOebJ81l0qrZ4ZEiDw6FgE8jN7CLXkw4HiPUusz66lGSceqFV2Up56GD06QcY6d1d26F_RcroOf3NK0QwjS70YXQfNiWDOnkgJGWJMjACIzTVCo5cn37h-SbZJnTzYM6gvqV24uxGtkvJ6YZ7sm2kGRAQRlVAyEkH7if46RMnnsAun3bw8g1H7m2L5xOpLk8UcPdCyvDS_4HSm5qB3zs5yCzKr2QWVkfuJD-9IQiYZTp_KBVESWxfa0VCz9OU1CCMuMcZV-3XttBNljhGrC1Ziurq-z5etRwkBCAly_lceSZQ0dKRok3XEV1psWTaiyX_BxQvj1S0VSQ_U6R6-0NLFj8NqRqjT-Zzajod6KK5x5D3IWu9j9pk5Kw6yVINwCn4eyVwW-YATLDGTGOL595zg3dPcI7d3gwQ54lFkPpq-b2DEtBMJLR04FPYQi4_uSVENuqPXNNWnyBsYO-K5R5wh4m0iPCBzKsy5E3rn0r9XSBeSfVC9edW1eh1jmMMmagJVRBlYa9tTLTIKusqXQM6_XUqnleVCt9lpEMK2ke8LwPq0awHeuUPeLB5xW9mveYW4VDP31dztbNPsLJSvo6Dp8v_NQab0xq5VMp-W09plhXj0MayzWPKq5gGB1UXpR9-WAeAhLOyG51y8McCWFfBaTy66uX0BgFQ48tsRInZ8c24THJ6KXw8lPInVsyoZV3xInCRyoPlRoj2fw5M8id6xPSZ4bdnhzB634DENbUVY41HbDEqOtdKuG63Beb8x67ee5EnGCVfDkgmONpCZXzokRzRO_sR3A7TUlAzBDYD50-eNUbBPgIdt-PU_W9l5ooQiN_IbCBcVwW3AS2rT8qh7_aLrP67M-dhvAZ7KVZULov6whLYHPYYU2yjBLFxyNkBgsgKdS3kvnL4GeZ49jf63ixWlEkBQD-hnQlv3n72CaQbXMvTCUI52Elc1gF655jvwzsIWAylW3GIeAbNtna9Taw31gImyKDAvM9F4GR5pDFhfbBB4Efd7COEgaFhP-FJ4yQlYmTqh-OrnYYSq1PcddtEEwbIPfviQTUMrK1R1iIrJojvz4Kfn8wGxoPdFE5eL5owDFwcnO2PuxgHEkbspDtIGTqqedKvzoEPTI_-8speEvMIOPXCOt4aFEF4EhRS5xg5U9-KbyEp0gntpnUi6BOnDjHjPjWH3HBGDxn03gA0qqIOzMntnDQoI797gu0HYmm8RhbmUajkrvD4Xhwk82MM_UL5fhafB4MKZ6iXKk-j2GZ1E7uBpm1o-WTvj48AqH5MVjvxhOnx6venhpNHhiqGHCB4fhOjqiQCsROA9mupvXyZ-U7WwUendsIYIbdoJpX1R0h4QfNQ2zGc59EprO1tn3QAwL6zkXe8lV6LoMpoelysTu5vqUmIBVjIipAkJXHrKV0ZUN5IDZbAHttDUDdQsWr2gISnM7l8S4GyBCLAFQUd1UosO0VOz1g_9J3sa2TqwpR50MgPvs54cfDjNLM1pOOda7_ZbCR7KcDfMFQVCqXU-i_tL1uFD-f8L9gBBEnDaxxrwc0xs6-91F2lebeV5wOewNJvSG7LtdLc8lsMvH8p01OdfSeskTW_-ZO5lVhIFkGw19TxmNNHhQ0_Oz2BuIZVJy4VJ4ulJJ7tuYvlvtRXdIvC7E50zhkb8WZlO0ujvpC2Q-Kxim17hG1xpfnpVYGnBIbxK6OUfNqkRgWrUXp3nCigceumVR5h6nJRjObG_Hqu85PH6s_L5vRkQoHD0uIjzHUq9Vbr4ya9WC92CyXJQ30Nini0U3_39CCn2fuOMS3HTc8rW4zK5N2IEHvsGGUTCnRM36QZBFO9s34qAY4DGTT6FDddq5RrMK38AJm58vj8XARsFRJkgKQ5DRK2raHtx9IYjCUXpjp_zC59Cl8GEfgfvENhRstrOtDiHYEKO6hmeoX9V5fVXlDiCueofqoAbgwqMDxzYuxeAutkAAMEmo03pynUqk5VzaT5ZvU6Hq2k4rN3sruIaiNQlXdK3yNSIoRyq8MuxRObGvUb1pJjiNzK24kRUKcBmdeUl_EBurHwRrdcz4dYxbUITP1Ys6jx_zmStOxZO6UCPp5Ro9hfKxxz4uocuQf69JY_CuvzbO8j89Cv3-cqaoXsxinVVPBlFyu8k3a1K123-ESWLO8c6i_nOELDyPHTmsizTfER55DpPdyYKLm3y__6g31bAm3uqb6j-PWFLi4R0710Ld7w8IWEhtGFSd7AZd65K9jgEwuJ8Pq7R65Dv_Q-AH7x-WIRQja94CJHMpzY7ZPFaf1MYShHzTmBCOwfqkJe60qYwH4c25DwRLZxGMHfsZdsOsXPHPCZ0Jw8PzYptWLH8u06OLjdtFPfHsEo21mgVzkq6xo0tunCASNfki1bqxmSYjo6eL4wwYgrg6G-U7NXiDx7eobx-AIiv3DJ_rTBMIp7GhiprDRIhfFhulcE2m35e_Pjn74PltNTIkThmrDof0wsFjwFE2LMBU-mTqMjXarqBrYuSjc5T5j1CR8ILLkrffjZWUjljvoyKum4aNM61RpnNv0w8kLGEPm5DuJ8XOXH6gT1N5khBcDp3Jo3XX02-s4eXzmf9R7i7oXy25WyxSm9H9sNLwgMnOjQ-Mk-qkkw_ZfOqqwYh0zwx39LDX1086ezeKBQ7A0apdKpnesaMCUkT2WxSsCI0L5WUKwR9drKMGyKxK3ZHlfYWaMPnhxQM70Yeu_7RvdTotxt4K7UO3EVmyTdcc7jC5mrtolt-3iBDrRtMgPs1B-tqoVnYj6pIj_aoMZaIsE?signature=c8re56S7EhpHipSk1RUxtQ&clientParams=eyJpZGVudGl0eVRyYWNraW5nIjp7InN0YXR1cyI6InN1Y2Nlc3MiLCJ0aW1lIjoyNTAsImRhdGEiOnsiaWQiOm51bGx9fX0%3D
Requested by
Host: ads.celtra.com
URL: https://ads.celtra.com/e92f74ee/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsunbaqstOtkeHd1lxrldgLoSwx6DbZrkInDgjK7pJ6EYCK2y3e22JWeGn3lalhn0Ks2tIwgQLDFBM2kUr24TbL4-g09zy7WriKMOCt34Og4g0Os-TUkD22fJo0l223rUMUwl5TmixrKHxGggYN4RtJQM95HoqNFDAx20PWbnd_RCzzHtKOTeEntQ_ozcUyfaFPz116jiZ1wU6b2bYzqynHBcLItOiAJRAYcQoohifTcjXE_ueeJ4khtfNFzgkyW8dr2TqKLlrC5tE2xZaSOpdQdS5T8-vmBLOSu0G_NWNyeawKgGmEwQi_4lG8e5RYh33uSYF5SA8BUIS1oCghe1M0PKxBElwLXR0-nzzFQDxsSM0g_6g9UXmUM1ZOTy15sbBOvy6ZvfUCVor-7Aq6idXABMZNl_868MOUaUh9pTd02iDqYARt1xaixTZzSSPc_fY0L5K0cp2hg7ATarxCS1bcZWA1_o-CW1Bvb59HUIDsmXtW7xhUsUFIU_R1HtOFVXyCf_V1CxOms8e6OTzbV-h47iYxUFn7-K8egTpd73UbgUu5kjQbcbPdQAiU5rg_AnJsRSGJgiDoBnalsIK2nPXfyVZE3r2wtmUX14y-Mj0jKQnOQA8ydgr94nNUwfXRZ1XkIl3M84qbxT7gOJKLfb1wylioSP4JAQpQAU_TKAqChWmAfQX45dJwiV9ofoV0OaHragWn0eeEB58NfhOtZrXts4mcFP0oXdzUjpx2gmXMwGb42yKzwXtrSGh7PYNB9CYBJKBQGW2oapZMaaD3-n-g-krLdrkXcbtZ7YwzDSTgXwFSAzcYriWPoOMuW-km895H6nDlHyNenIEBXfXdMGgX7uSCW_1yUKLgksV047HLYtbBdTPn4BXNEG-MRk2kjec83UQnplTWjVGlP8HKW8sv89ivEu0eTmDcXFpj9c-MJ-uXfqUAeGx8XGwqnjgfCUcflzz4UXekSWlfF8CvBIujFDY72Kpkw74Q_-hPB7gSJCCb0-fEZgbWxz2NRxXkoxjxh5ZOXNJkUBtKPrsiKsfnpHHugvO3N4BM622GVvYxKyI_V2QlQLwPYN5DLDnSvZbYSZN0JWW3mLFMDp0PLnNnVMo53qW1wElDjtJBEljGMGGi7C1NviUiiI2OTDS-lvR-qdPKQm7loRCbSVzklZAGwfFXNkvmyIad5D-sZnjRo3ZryS6NNPAbz8SrE7XmurliDGZbYbmsKGuSp6oFda29Z1f2Nzz5fRBQYtZaBEyC1lU1JFEU_VzIWUvce3RZUYHZVn9n5JBmwSZYDJHSh4a-qZCs%26sai%3DAMfl-YTJOkX0xhOrFzWLZt-3biJqGPRFAgmvoU8kC5Ot3b7X_7pEu-0pdZjPBs4PYonbdaPEiuuNz3L9astFHWNnLhvYw85pQuZ_2pQiFgqMxuOaEIy8Co1CFK4yTfzE4QfceaUiERz9F6UTcOm7z7jJa9vpERLM4r-hLsoie049WmHsSeo6hgw8iu2f6TaeRabMtacz_X2D8_8yUKCyjDh_ogmgWm4W4HzI6gknqs-Vvpu6zaa5NRFaoWph1kcq6ufqozfIr-sI7lLMMhW8OAn2JKfvHmGJWrM%26sig%3DCg0ArKJSzHTYlPTTBZ2yEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=178499258&externalCreativeId=178499258&externalPlacementId=344701385&externalSiteId=5081253&externalLineItemId=538551370&externalCampaignId=28397668&externalCreativeSize=728x90&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.no%2Fperformance%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DNO%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-NO-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1665991177.093&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=09263681744822305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.220.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-220-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
73ce6113dc6c63d07409b2fe76cba0e2c72cbc361f909c4bae223b7258af5ec0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:36 GMT
content-encoding
gzip
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
6684
Expires
0
OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
pagead2.googlesyndication.com/bg/ Frame 63DD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 20:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16062
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 20:42:56 GMT
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991177657&oz_l=257&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame 8629 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 02:14:34 GMT
ad.css
delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ Frame 8629 		49 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6050db252282cef68bc73a4c638ba4faa5cc660ed118d5d9d63313e73990c5f1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 05:15:55 GMT
last-modified
Thu, 08 Jul 2021 08:02:48 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7431
etag
W/"cb558a5824315a3010d728fc987b366c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
aIsBCCDgnYtwt74i9ngNV6Tu5vQIOH7xb49zVVGGpHFJumn9Y8yC6Q==
ad.js
delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ Frame 8629 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.js
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94c01a67940bac40021f6878c0bed15e78395266e57c4bccbe637285f1469508

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
date
Sun, 16 Oct 2022 11:56:06 GMT
last-modified
Thu, 08 Jul 2021 08:02:49 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
69812
etag
W/"ac2f83b4874ea19fa81f46776d8b27e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4wA-wOf2Dv4LZkhwT9Yiu2Kq8NG1Ljj-SDKy9-S95JtmHKy4--qM7g==
web.js
cache-ssl.celtra.com/api/creatives/46827b60/compiled/ Frame 8F4F 		533 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache-ssl.celtra.com/api/creatives/46827b60/compiled/web.js?v=3-99d7afd5c5&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&batch-trackers-enabled=1
Requested by
Host: ads.celtra.com
URL: https://ads.celtra.com/continue/w4qma5wstXLbfLN5oI7shCu-oFOJn6s_edd673-SvSMGERuK2ea5lGh3UYXithwPogzsnZ8mvIYxaZeFhvJ3GKwvG4vZCB8n1M-ZGxTCzFrFnGaM76121yS9XCmHFuQMNaGxS0Jlcppa4xyIxIW5ZADiIBCoWRqS5swq9uwutq6M0Z63a-Puf-GTg9ng-wyS3BWZRcNTRsHwNS3TEUc6e1sLjkLVYd3usoVR9ISwJ8h1FiueF37zGEevCBihr9iWdSmYX2iVRxToJOtG-8pMmgkxbmFiSyX1cO4-1Hs51POMw0ZIT4zpIdSb-D9FbhHTohVBuYCG4NfhV4tou3aa5s93YptB2MO77JRrGro8zfwrg9-NZK09G8ZWPyCp5_siP34I4EwtncrgDrL9GmMPKa9CdYM3nZSf8wstfNeQbSOzX1G1zyphoqiysXwQzBrNtwY_9pC42W7_3RNC5W_g4aSDIHfNzaAuVbhtiSsdfLUV-DIBaNiSlxwAMVPsHA3Sma7uDVhl__OOFZ6wFjW09xzotOLlDmRpqGZMOQwS-sa_vSpYfJMJLykzJkIk8NdboBhfDAbWnBeRjY40SORj-zC3KeoPOi5xicU_WqNaV5CAHVEkJ1BD60y0VTpV7t5b4AHiEQFwoMxK061S9ycHQIji66DuMYqO7xT3PLWtS3pXAKobR2cTIJMRw5u1sKbQv2iuFkbLWIxBKf2h-L_j9f8yjHwA_nrNk6gW4jIO22Pri4vFF3wA514GLcch1v9-CwqbkEb2kRnjlqoDvmWbjggUrCeR7vAKi4L31Xib45CZIB4mOrzKuvijwIaz6XAW_wV2WZp7nJrntKCcJq-GeIhYDDR-x1M1KQ1dntxyxQ9e1RfjgnbrbI8pV9wOb2orjLzyvPLo-dqAxbrKv3TyqvpwdeC3eySUgaafMGoq9MmzJJWvfW-lXgpXvUKBWwEtjZsfPg2WCO4kmiact8hgA0QnwQdNBf9lV2QIWwpIFH4Oc7ZdL09NHn4_z1DWueF7uMoDBfVF-3TI9B8bhucgoBKrSECa7Wk4RRKAi9plC6VxLmjId0kSuJkk8fD6GQbefuiTvg5JYqFExr8bW87Hv-R4eZMguqy2imv9iS2Jvkv5lin44OmSrm0PZxabYRPBUIqUP5c0HFHnzUKTmyNNpgecQllmG3c-JAadnk2MrpKpyRLhjdg5ie6_zbqbMnEfrIn3sHXkN7bSdyfgMitgBtbVQP0vs3mSTgfdiV7CRkc4n9WEkTlQb-Q79IqSGqB1Bcdo8U5xG0UYN1_xYN740Tdeo3zdX7ntNANchpJae-2wtLZOnuneZo6G7QZjDgoZBAFE-mCA1z5q6Hi6NZgCS-7FF7jjWJK_O3H7UzRHR2iZcSRiSuCGFxAfE2FPGYpkRrQhQYtg3zN3ibODS4K6gWFnelGZLzO0qmYVtUqY0dC8gk8Usu5LOMHfCtkVBs2sJjP7-DqfROzcLOIVD5bFSLazTwBXicm581leLwQhzy2E0G47q5eT_9-WXmj1IsWhm8yi7-PSjhw3CXnwwTKDdaXHr4m1S9VWzyZVZAM7D6ykk-P1nJNN7zQSiwCsLulvGhkaywW26EbewPZyKb3l9-Ov4RogMqlktnc-EP4V3uAxQPWmxAJDPLzy1MITbvCBv0hNvIY1-UYSst_y-ew3QM6_l3JQ70sXo8tgHFzW3_w62fyWTYYacDHo5keLqAfFejcoRcy_CSJx2whY73UjTo-JVBxAUfcsNw-D5EsesQWDEn3LxqTaKRQGTBJ2H-t6OUMp2ml6uuNLJCS0X1ovTkDM_FleKii24Av4IidH8YbYV3tDordsn_jeH2Ex3gLIIyMm1z9vLQWpWP9gXZJ7_KY-_LxH7oKGw8ymGvViWuJSO9sH0wSn_MLEpHcuOOPxI_BO_Y39ykrgXHj55VlSjIkSK1l-qvJodvd1m2da1T8zhfG0l_ejMssBrl3TV9q4sRMBqV5S9BC0mGFlDdtXd1pCi57QRAo1fjr4C-r_0PMWB9butjYxdrudQgf5xdBCf9EIIlLiWe8rOwRSH3FDGNRKO8-Bx6VtObzuDN7ksa3t0_HUKd2bSys7j1KQNh-8Z-oyYU_blGzLGBdTZywIGK30nDhUkR1VwaJvKxVhzfJnB269PTj47KLfer1lMCDHwaqwhV7vikYlQUaQUG68OzQ1SEu7NaIJL3qi6lIpNy4ZvQFb2MtQ3iG4BJmSEUd-GS4Vk1BCKr9SWwVvrIF78-8VewqGVifQTviVkTJL7CTMkvF1m1rhPkPXyNKpVWXXL2YaroZ1Rxs29vuPdk23m1V5oUCTcXR-Uhsi27ZoPirxDFwHOiD5v-qAJaJOJBeI01gz2zFDHw1c7c_XmAKVLab_WiRvIRmRERnBs1Z4-aOeiyPp5wVJtvK9H1safSsYuDfWQqVDD_-NMPlzyPRYBJfHP0k1ztm4jzFBnBsAv3gM5VUG94eYcWFTSf4e0Mc7XkOPnF7O8f76J48YYQu035luRjBvHCrBIFKJOtqkBSXUh_-iEF1Ksomg_sOS2Jb1bVNDUdG6qfsBgxM3HUBXDoeFXdeEIroHnkogSaTVAWZuGlgQs_LbBDtVa43XJjfXsKnq31O8HIoi81gEOebJ81l0qrZ4ZEiDw6FgE8jN7CLXkw4HiPUusz66lGSceqFV2Up56GD06QcY6d1d26F_RcroOf3NK0QwjS70YXQfNiWDOnkgJGWJMjACIzTVCo5cn37h-SbZJnTzYM6gvqV24uxGtkvJ6YZ7sm2kGRAQRlVAyEkH7if46RMnnsAun3bw8g1H7m2L5xOpLk8UcPdCyvDS_4HSm5qB3zs5yCzKr2QWVkfuJD-9IQiYZTp_KBVESWxfa0VCz9OU1CCMuMcZV-3XttBNljhGrC1Ziurq-z5etRwkBCAly_lceSZQ0dKRok3XEV1psWTaiyX_BxQvj1S0VSQ_U6R6-0NLFj8NqRqjT-Zzajod6KK5x5D3IWu9j9pk5Kw6yVINwCn4eyVwW-YATLDGTGOL595zg3dPcI7d3gwQ54lFkPpq-b2DEtBMJLR04FPYQi4_uSVENuqPXNNWnyBsYO-K5R5wh4m0iPCBzKsy5E3rn0r9XSBeSfVC9edW1eh1jmMMmagJVRBlYa9tTLTIKusqXQM6_XUqnleVCt9lpEMK2ke8LwPq0awHeuUPeLB5xW9mveYW4VDP31dztbNPsLJSvo6Dp8v_NQab0xq5VMp-W09plhXj0MayzWPKq5gGB1UXpR9-WAeAhLOyG51y8McCWFfBaTy66uX0BgFQ48tsRInZ8c24THJ6KXw8lPInVsyoZV3xInCRyoPlRoj2fw5M8id6xPSZ4bdnhzB634DENbUVY41HbDEqOtdKuG63Beb8x67ee5EnGCVfDkgmONpCZXzokRzRO_sR3A7TUlAzBDYD50-eNUbBPgIdt-PU_W9l5ooQiN_IbCBcVwW3AS2rT8qh7_aLrP67M-dhvAZ7KVZULov6whLYHPYYU2yjBLFxyNkBgsgKdS3kvnL4GeZ49jf63ixWlEkBQD-hnQlv3n72CaQbXMvTCUI52Elc1gF655jvwzsIWAylW3GIeAbNtna9Taw31gImyKDAvM9F4GR5pDFhfbBB4Efd7COEgaFhP-FJ4yQlYmTqh-OrnYYSq1PcddtEEwbIPfviQTUMrK1R1iIrJojvz4Kfn8wGxoPdFE5eL5owDFwcnO2PuxgHEkbspDtIGTqqedKvzoEPTI_-8speEvMIOPXCOt4aFEF4EhRS5xg5U9-KbyEp0gntpnUi6BOnDjHjPjWH3HBGDxn03gA0qqIOzMntnDQoI797gu0HYmm8RhbmUajkrvD4Xhwk82MM_UL5fhafB4MKZ6iXKk-j2GZ1E7uBpm1o-WTvj48AqH5MVjvxhOnx6venhpNHhiqGHCB4fhOjqiQCsROA9mupvXyZ-U7WwUendsIYIbdoJpX1R0h4QfNQ2zGc59EprO1tn3QAwL6zkXe8lV6LoMpoelysTu5vqUmIBVjIipAkJXHrKV0ZUN5IDZbAHttDUDdQsWr2gISnM7l8S4GyBCLAFQUd1UosO0VOz1g_9J3sa2TqwpR50MgPvs54cfDjNLM1pOOda7_ZbCR7KcDfMFQVCqXU-i_tL1uFD-f8L9gBBEnDaxxrwc0xs6-91F2lebeV5wOewNJvSG7LtdLc8lsMvH8p01OdfSeskTW_-ZO5lVhIFkGw19TxmNNHhQ0_Oz2BuIZVJy4VJ4ulJJ7tuYvlvtRXdIvC7E50zhkb8WZlO0ujvpC2Q-Kxim17hG1xpfnpVYGnBIbxK6OUfNqkRgWrUXp3nCigceumVR5h6nJRjObG_Hqu85PH6s_L5vRkQoHD0uIjzHUq9Vbr4ya9WC92CyXJQ30Nini0U3_39CCn2fuOMS3HTc8rW4zK5N2IEHvsGGUTCnRM36QZBFO9s34qAY4DGTT6FDddq5RrMK38AJm58vj8XARsFRJkgKQ5DRK2raHtx9IYjCUXpjp_zC59Cl8GEfgfvENhRstrOtDiHYEKO6hmeoX9V5fVXlDiCueofqoAbgwqMDxzYuxeAutkAAMEmo03pynUqk5VzaT5ZvU6Hq2k4rN3sruIaiNQlXdK3yNSIoRyq8MuxRObGvUb1pJjiNzK24kRUKcBmdeUl_EBurHwRrdcz4dYxbUITP1Ys6jx_zmStOxZO6UCPp5Ro9hfKxxz4uocuQf69JY_CuvzbO8j89Cv3-cqaoXsxinVVPBlFyu8k3a1K123-ESWLO8c6i_nOELDyPHTmsizTfER55DpPdyYKLm3y__6g31bAm3uqb6j-PWFLi4R0710Ld7w8IWEhtGFSd7AZd65K9jgEwuJ8Pq7R65Dv_Q-AH7x-WIRQja94CJHMpzY7ZPFaf1MYShHzTmBCOwfqkJe60qYwH4c25DwRLZxGMHfsZdsOsXPHPCZ0Jw8PzYptWLH8u06OLjdtFPfHsEo21mgVzkq6xo0tunCASNfki1bqxmSYjo6eL4wwYgrg6G-U7NXiDx7eobx-AIiv3DJ_rTBMIp7GhiprDRIhfFhulcE2m35e_Pjn74PltNTIkThmrDof0wsFjwFE2LMBU-mTqMjXarqBrYuSjc5T5j1CR8ILLkrffjZWUjljvoyKum4aNM61RpnNv0w8kLGEPm5DuJ8XOXH6gT1N5khBcDp3Jo3XX02-s4eXzmf9R7i7oXy25WyxSm9H9sNLwgMnOjQ-Mk-qkkw_ZfOqqwYh0zwx39LDX1086ezeKBQ7A0apdKpnesaMCUkT2WxSsCI0L5WUKwR9drKMGyKxK3ZHlfYWaMPnhxQM70Yeu_7RvdTotxt4K7UO3EVmyTdcc7jC5mrtolt-3iBDrRtMgPs1B-tqoVnYj6pIj_aoMZaIsE?signature=c8re56S7EhpHipSk1RUxtQ&clientParams=eyJpZGVudGl0eVRyYWNraW5nIjp7InN0YXR1cyI6InN1Y2Nlc3MiLCJ0aW1lIjoyNTAsImRhdGEiOnsiaWQiOm51bGx9fX0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
959d7910198a24212e9e346cd4e5d727064e962efa82bef4a0d4194a0fd91fa6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:05:44 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.2), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
339232
x-cache
Hit from cloudfront
content-length
132794
server
Apache
etag
"d8d67f64119fe0fb6feba7eae053c57d683a5328bd642e9f5028acdf469ad1a7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
3047426
accept-ranges
bytes
x-amz-cf-id
CJgB0RtrX10jFKqT9xddpdTAa3qzIr43QQ3znjdfvq2VYwNThagfFg==
truncated
/ Frame 8F4F 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
3b5ef600-4685-429d-a0f7-fb2965e3086a
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/ Frame 8F4F 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/3b5ef600-4685-429d-a0f7-fb2965e3086a
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
167
Content-Type
image/png
OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
pagead2.googlesyndication.com/bg/ Frame E0AB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 20:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16062
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 20:42:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCE1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111602
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:19:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 18 Oct 2022 14:19:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY2NTx5MTE3NSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNmIzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA2LwAhNTI0OS4kMTxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmNGQjMwA3NTFuZzYzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2NTx5MTE3Nmt1OCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmRxMDIjNmZxMwM2JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
QofJxstLAgFDYKM9TfQj-4jwN2aKIJZIVDycAm8PlSPzrVMxkV7kqg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63DD 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfQY-CAJNY9WNLYmi9u8PoKqLsAEAAAAAOAHgBAI&bg=!wcKlwobNAAYeOJy_Pjg7ACkAdvg8WkbSOIY8EuDRhKrc6iXH5zYG-By6JVjAyklK_ZStuI3KNA4ZpwIAAACXUgAAAANoAQeZAuyGJtVtqgDy6xpJKHFzYfW6JomYxZUVLFruYXfvY1lJa8AHmOvrrKBifzZloj-QrEXvimTh7z5jdVZu8viT012LbG7BEJ-Jd2ulTDw9-Ftq2Jsd1cEvlWq5uyH70y2S2De9VD8d9LWRrwlpLk4UWnQy6fB7u6GoNVDZFkao0fbWCnPUXzAq_DsDxLRMYuDY-4z-ii54P_t3CIy0UzSpqpOGOFhMXH7kxP9YqDUBifCet1ofPwG3KuZ6_AIXyd74GeWd1TyEM6M92yVreBCFC1hQkEjNrbJqvKWTNJNpC21nWOzOxhudUnH-v4Hqnot_3OqjY_49XIz28m99ucdGc9987qunqocwYKO3kand11dUPVu0AEoLQcp5s2O9eODiKZe4CkhVBdHRRYYjlcJfBXrjqM_BihycDZlokOqH_TaEt6_GiC2O3J4AiVYZVK9weZ5sAq7XQgmWDtsJqUhgN8w6MuX0P3yx9BVfn2cSUFm-EHe8M6V5RnBQQpqL7jLzYNeNlBvjRaSr7Kq06E_zTccIVO-41ZUW4uOXhxbGxsHGK1VkKv7X8nwqMsufDmdBVfuH_eYKlyFziTWLbxfXNUsZ4DE5al6sRqu4bhDAEWfs3rDaaNha60Jbl55FFKZZyhmuowZdkKrtUryZrmf0hiPdkfxzGEfSAE9oi9Da_xU3PsKBaStVwajT6FceWTS4Vp4WX_zvpCWD0EDT5ac6HKhcbY7VDkprq6yKdXf_FEbVmmHCvS2NHra343_Vnjy1PqONbQdsjD2wBHipWPAuDMbt9whscdVzE19iKIUJ-VxeShkHheb_jJAt1CRevzSw6Sj8ye5y9t3B_ubRbT3Ru16DTN8bFZ92pw_DqbfortCek2cXeaw4Qt21cBrk-Vhq80uCuA_pAAjzwyXPsdSCfKf6Y-tKhDlYipk-t69P4OsT2eIytoS7OSnE-tw3wE95fnniUopj-s7u3x5Mx9t7qOxkn6oDkNdaod2rMZEs
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCzJ3,time:1123,type:e,im:%7Bpci:%7Btdr:1010%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1123,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1117~0%5D,as:%5B1117~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:978,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:238%7D&br=c
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0AB 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdfdXCAJNY6aeLuKZlQe3xJ_ACgAAAAA4AeAEAg&bg=!urmluf3NAAYeOJy_Pjg7ACkAdvg8Wij3czZMK_iH5Ymh3DJrdqdr_jQ3kXhrSocU6WuMGDQMhAiSYwIAAACfUgAAAAJoAQeZAvi7N0hI3RuCEx5cJKmY_3YR832lJMEj9hjyO9pCLnC7YI_9ktQUD2nrbyb2scpywrGCmhvAYa1VEYcyjBrs50J0Qd6P3RNVOk-Rg34YtqfVomZ_6LggHBOVcFCG9s9K6g5WbSMqvEmO6tluFidqAPAxJULKPVo1r_WGRw_oHonBKtD87lO6UKV_JWd7uY9t657i3TmS6LFUconge9TZGvjpCHN3SEU_aWOdj3kZe8QhfeW2tmU_7mpfzvRwtVpySHx3lZej8kzE9G5P6Nug82JWqH4RQW5WyNnXQIc6zEH17ElwYF1VuLc-K6SOjrC9E1eimJaILELmXBoxcvz4dYver0_RYEi8xQ95Vx4eK1cQCoQzb7qeUUNMt_8oHpqYcImmryiGYjjSjF9oYKbe31aEWhi53wYw04_UDqERR8MPta5ZLBJUYhhvuJyn_JGZ6IOnxHNnfEYRR_xi4y-zolNAvmezD0tW_syIqUJB0azY8Tn_2Pcyq0p6YJPRlW98uaORzbz6WDfExVQysWfuGCpiImcH3jsEaFRo-SHAR11KL8QdlIyKgRB1Axb0uWyBadQjVfFEFc1ww4xp6lsQ3mEUZ7mYGFFNE3hb5OwO7hzlSpGn8R1LREWWVoho70VGb5xKrfcj2knRG8d1CBAqgBx2rh2o09fRVGv-qo_G3SaOgv0VleJ9R3rDWiu_ZRMcJ9G1jzcP5UyAsmSKh-kfk8DgRsxNlmjzofD3Xasfc58tUX_0F50oPbul22w7Yboe_inlW6FXBJZZWyURpgtd5Uf2ssjKh4YCla5fXdsBh4kr9KYYfs_mPDEP565bfA1waW1VSnQ6J273EKp--D8XU2D_b8H8xTXb8Ax0Dn_CWFo8duwZwQFpS3Unr9Pjb7FJITgmrAbOe9ktyL8S6mj3hzjjbWK99CpLPoiEB__AiT7Rd9e4p5m7RjpZEOzwz-bbTnpVQ296pactLKi8uL0x5P_rrJpjKVqDM0tvVw_qAniWIuA-tGSwCne_
Requested by
Host: c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
URL: https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8466 		156 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C143457427%2FGamurs.group&description_url=https%3A%2F%2Fwegotthiscovered.com%2F&env=vp&correlator=3185998855570954&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&cust_params=prmsig%3Dcumbfo&sdkv=h.3.539.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=1237503341&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.539.0&sid=9AD98E5F-30B1-407B-A9AC-7AEFC254012C&nel=0&eid=44731964%2C44748969%2C44760950%2C44765701&ref=https%3A%2F%2Fwegotthiscovered.com%2F&url=https%3A%2F%2Fwegotthiscovered.com%2F&dt=1665991178134&cookie=ID%3D3363e59df3579081-2278478c48ce009c%3AT%3D1665991174%3AS%3DALNI_Ma3MC3WuUjeypOUn00YL4rFiGJgGQ&gpic=UID%3D00000b74607d81c3%3AT%3D1665991175%3ART%3D1665991175%3AS%3DALNI_MYAz9Sbly1NS0kJXM27u21UtndcaQ&scor=1165406889349593&ged=ve4_td3_er1016.-2770.1169.-2470_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adineuePROCond-Bold.woff
cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/ Frame 98B7 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/adineuePROCond-Bold.woff?subset=AEGIJNPRS
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d38a86a905da5cbea86a4ae77747ff15fd5c25f67d9c07315b2ba3d9dc215f5c

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Origin
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:38:46 GMT
via
1.1 varnish (Varnish/6.2), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2040052
x-cache
Hit from cloudfront
content-length
3940
server
Apache
etag
"d38a86a905da5cbea86a4ae77747ff15fd5c25f67d9c07315b2ba3d9dc215f5c"
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
12802764
accept-ranges
bytes
x-amz-cf-id
zcHEUVG_1pjh_JYr0L3KeVwsaYZPCaXTiURwJWkIFm0rptx1rHQ6Ww==
AdihausDIN-Bold.woff
cache-ssl.celtra.com/api/fonts/36109108/3_a411088e7420926ae5055220c98f30661f330f0b1e15ab56bb3fdb332ddad3dd/ Frame 98B7 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cache-ssl.celtra.com/api/fonts/36109108/3_a411088e7420926ae5055220c98f30661f330f0b1e15ab56bb3fdb332ddad3dd/AdihausDIN-Bold.woff?subset=%20ADEGMOPR
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
99f328dec29fc7e02ffaf82674bcdf7570cf55780b064ee59561e42d793aa2f1

Request headers

Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
Origin
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:38:46 GMT
via
1.1 varnish (Varnish/6.2), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2040052
x-cache
Hit from cloudfront
content-length
2828
server
Apache
etag
"99f328dec29fc7e02ffaf82674bcdf7570cf55780b064ee59561e42d793aa2f1"
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
13404095
accept-ranges
bytes
x-amz-cf-id
TObb3Nn9rUxFTaI7C8UgzxbeoUfpHcteqTNx8loCoxwi44zMg9cr-g==
logo_bos_white.svg
cache-ssl.celtra.com/api/blobs/332573f8029d4540b76d7937365f4a6c79a153c4668dc250420237144bf0d1ad/ Frame 98B7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/332573f8029d4540b76d7937365f4a6c79a153c4668dc250420237144bf0d1ad/logo_bos_white.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
332573f8029d4540b76d7937365f4a6c79a153c4668dc250420237144bf0d1ad

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 08:22:39 GMT
via
1.1 varnish (Varnish/6.2), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2674619
x-cache
Hit from cloudfront
content-length
2332
server
Apache
etag
"332573f8029d4540b76d7937365f4a6c79a153c4668dc250420237144bf0d1ad"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
369778
accept-ranges
bytes
x-amz-cf-id
AwyxmBF29NYeMz1T6ibPAb0NFzklWkcgJS-Qank-MG48UV7PCVFB_Q==
BG-Dynamic_728x90.jpg
cache-ssl.celtra.com/api/blobs/1bc57d7d078ee99d24710177258daaafea2030cf31b7a8e211d16b56bbdb5864/ Frame 98B7 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/1bc57d7d078ee99d24710177258daaafea2030cf31b7a8e211d16b56bbdb5864/BG-Dynamic_728x90.jpg?transform=crush&quality=85
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
4da6efd8007746ad3ba8ffb0dcfbdd3ee3f972117a4a99abdf1c418126704b1d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 08:24:32 GMT
via
1.1 varnish (Varnish/6.2), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2674506
x-cache
Hit from cloudfront
content-length
33658
server
Apache
etag
"4da6efd8007746ad3ba8ffb0dcfbdd3ee3f972117a4a99abdf1c418126704b1d"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
9982361
accept-ranges
bytes
x-amz-cf-id
tWRUy8U1P3Ddrznsk6gHZYauxGwTy8JHeNOoxhXbCLKxwXfeRxOv6w==
image.jpg
cache-ssl.celtra.com/api/blobs/230719c5fb60f6844265cba5397cb11118d52628c1675736fa191d57cfbb51a6/ Frame 98B7 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/230719c5fb60f6844265cba5397cb11118d52628c1675736fa191d57cfbb51a6/image.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
230719c5fb60f6844265cba5397cb11118d52628c1675736fa191d57cfbb51a6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:00:26 GMT
via
1.1 varnish (Varnish/6.2), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3475152
x-cache
Hit from cloudfront
content-length
80228
server
Apache
etag
"230719c5fb60f6844265cba5397cb11118d52628c1675736fa191d57cfbb51a6"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
7089212
accept-ranges
bytes
x-amz-cf-id
fbCDkpDo07kCE7HKUNIOER1m8aBBsXnzjoswNyxqPO6-WvMQXz5Aug==
image.jpg
cache-ssl.celtra.com/api/blobs/2ce0caa1776a0c7700552a3ba11a90becba383d1a3351272b9df7c4cb74a8e07/ Frame 98B7 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/2ce0caa1776a0c7700552a3ba11a90becba383d1a3351272b9df7c4cb74a8e07/image.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
2ce0caa1776a0c7700552a3ba11a90becba383d1a3351272b9df7c4cb74a8e07

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:03:48 GMT
via
1.1 varnish (Varnish/6.2), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3374150
x-cache
Hit from cloudfront
content-length
64654
server
Apache
etag
"2ce0caa1776a0c7700552a3ba11a90becba383d1a3351272b9df7c4cb74a8e07"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
24646330
accept-ranges
bytes
x-amz-cf-id
gpH6BNdgN_40x4GXs4OySgTh1dKotH0YZv0D3pW9hm_YE0dCynwxbg==
truncated
/ Frame 8629 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12f857cdfa80556cb6a23cafe7df19e811b896bd98443bbe69d48186047575a7

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Gotham-Medium.woff
delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ Frame 8629 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/Gotham-Medium.woff
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f8ed94a0b463bdc87d04627e3226f675836f6a80ceedaf94b279693684393e4

Request headers

Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Origin
https://delivered-by-madington.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 17 Oct 2022 05:25:52 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
6840
x-cache
Hit from cloudfront
content-length
13408
last-modified
Tue, 06 Jul 2021 07:08:13 GMT
server
AmazonS3
etag
"a34cbfb889033582452d427c2679ebb2"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, HEAD, DELETE
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
UdRWd0knSn5TqBs7Q6FX9DRggP-w2PGDgrhMkZlCraajD5trGAATgg==
image.jpg
cache-ssl.celtra.com/api/blobs/d238cf37e713cd37b681ff1f0ca1be613ca51e5e515a6f94cc0d7acfc4508b46/ Frame 98B7 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/d238cf37e713cd37b681ff1f0ca1be613ca51e5e515a6f94cc0d7acfc4508b46/image.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
d238cf37e713cd37b681ff1f0ca1be613ca51e5e515a6f94cc0d7acfc4508b46

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 10:02:22 GMT
via
1.1 varnish (Varnish/6.2), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
4310236
x-cache
Hit from cloudfront
content-length
62094
server
Apache
etag
"d238cf37e713cd37b681ff1f0ca1be613ca51e5e515a6f94cc0d7acfc4508b46"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-varnish
45589304
accept-ranges
bytes
x-amz-cf-id
X02onydnwY4FY4nQEptdube3qDEagrR4X5AYAfj7TkdDk7QIrhR8CA==
activeview
pagead2.googlesyndication.com/pcs/ Frame 71AB 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLQA41_xS-FxeBGo56EaTq1X2bZ81Na9UZ-uzKyqNAjJLvRZ1amuXf4xcCpbbVXIYRj3ug3syKRapMlqAUoFklhUiI5o5BisNdduewrew2E_hm-0zIJZVZI0jMQDm_RXwe43fo&sai=AMfl-YQstmHrpPdfz983cpo1AED-r-jrn2N6_AYTHYEP4FAELeK5TW69PgH7JptM8Epe2GtUESFvYnvjzIaDo7_mYBxsVNN6u8b5zbfu-yjdvudM6X6H4L3NB_yVcsbUc366hA&sig=Cg0ArKJSzJseTlH_vHm5EAE&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&id=lidar2&mcvt=1000&p=750,1049,1004,1349&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3702255727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665991176012&rpt=1238&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=5EB2B8ACC657422FBCA26634C48814BA&RedC=c.clarity.ms&MXFR=0A5A96FD24836A37365F84BD208364D3
  • https://c.clarity.ms/c.gif?CtsSyncId=5EB2B8ACC657422FBCA26634C48814BA&MUID=2F983B5D44E66CC7130E291D45B16DFE
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=5EB2B8ACC657422FBCA26634C48814BA&MUID=2F983B5D44E66CC7130E291D45B16DFE
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 737D66D96B454426BAEABEE4A0355E81 Ref B: OSL30EDGE0406 Ref C: 2022-10-17T07:19:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=5EB2B8ACC657422FBCA26634C48814BA&MUID=2F983B5D44E66CC7130E291D45B16DFE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
118b70aa187f2facb5a069ded5eb103f0317f41e53b3d3e3b52e902441cbf6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11188
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3D7D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:38 GMT
server
Kestrel
server-processing-duration-in-ticks
961483
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
track.streamedby.com/ Frame 8629 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.streamedby.com/?c=pwr-fD0FOGBOPFObsPt3Z9Z0-300x250&po=POWER-DYN-NO&count=impression&ord=1665991178335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:39 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Wed, 10 Mar 2021 14:51:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
Ql2MOcYS3vAQNm7k50vPHPnc7Bnknv96rD7h5JJsnrFrtmeKgbGhiA==
rum
wegotthiscovered.com/cdn-cgi/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/cdn-cgi/rum?
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
content-type
text/plain
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
75b74460ba3d0b02-OSL
rum
wegotthiscovered.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/cdn-cgi/rum?
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
content-type
text/plain
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
75b744612ab00b02-OSL
fff6397c-7e46-457d-8a1e-117a178ed906.svg
delivered-by-madington.com/mess/client-content/uploads/jpnXObtQBiZ1NiSSK68J/media/ Frame 8629 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivered-by-madington.com/mess/client-content/uploads/jpnXObtQBiZ1NiSSK68J/media/fff6397c-7e46-457d-8a1e-117a178ed906.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b73482ffee8da764f750af1f2419301362c0204901faa9e8ce8eb963e4efdefa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 29 May 2022 06:00:10 GMT
content-encoding
gzip
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Fri, 27 Nov 2020 10:31:05 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
12187169
etag
W/"b076c520945404036e2b8b504f88c94a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
x-amz-cf-id
fYQpw-bbUGSn_AgTXrsMTqfA3SNJOzigTBJDblxm_k2RIzLTT8BDzA==
no-image.gif
delivered-by-madington.com/ Frame 8629 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivered-by-madington.com/no-image.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0648162fd2c8f67ac7d834e04e60c312071e9d177059bed2d472018c4dd18c6b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 17 Oct 2022 00:51:11 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jul 2019 09:39:44 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
23552
etag
"5853edf492f46a48587773b0ebfa9bf0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
1101
x-amz-cf-id
7KhyBTYjkKwIP7Ujf9gw8iMnt7j0GeIIplcwefCW75ndFWQhj2i0Qw==
Gotham-Black.woff
delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ Frame 8629 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/Gotham-Black.woff
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df932cc674cf63fdb4f532742299515c3df21c43edfde4805ca26688c494ff0

Request headers

Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Origin
https://delivered-by-madington.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 17 Oct 2022 05:18:37 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jul 2021 07:08:13 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
7675
etag
"21f68361e5e4be7ab946ae088afbbf37"
access-control-allow-methods
GET, PUT, HEAD, DELETE
content-type
application/font-woff
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
13160
x-amz-cf-id
agd_UFu9wnLBKgAGJNgCprnZg_hvqbIbkkIvvpQ7brKdJc23aAS11g==
Gotham-Narrow-Black.woff
delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ Frame 8629 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/Gotham-Narrow-Black.woff
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7c5b04d3eae534777aede6e509e9abe56e0a624baed603fc660a5f1f4036619

Request headers

Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.css
Origin
https://delivered-by-madington.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 17 Oct 2022 05:18:37 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
7276
x-cache
Hit from cloudfront
content-length
13040
last-modified
Tue, 06 Jul 2021 07:08:14 GMT
server
AmazonS3
etag
"fdeec3c0fefe0b594c5244e166b9d98c"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, HEAD, DELETE
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
LuTgO_3aUP6eukTaaTRwvT9kAlFU6WiYJX-sGUqd4dN95yCxCC7fuA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:19:38 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY1OTkxMTc3eGFjNGI0MDAzN2I0ZTFieDgzNzk2OTgzIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzMwMDQ3ODI5MTc3OTgyNyIsImluZGV4I...
track.celtra.com/json/ Frame 8F4F 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY1OTkxMTc3eGFjNGI0MDAzN2I0ZTFieDgzNzk2OTgzIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzMwMDQ3ODI5MTc3OTgyNyIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE2NjU5OTExNzguMTQ4LCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDYuMC41MjQ5LjExOSBTYWZhcmkvNTM3LjM2Iiwib3JpZW50YXRpb24iOjAsInRvcG1vc3RSZWFjaGFibGVXaW5kb3ciOnsid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MH0sImhvc3RXaW5kb3ciOnsid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MH0sIm5lc3RpbmciOnsiaWZyYW1lIjp0cnVlLCJmcmllbmRseUlmcmFtZSI6ZmFsc2UsImlhYkZyaWVuZGx5SWZyYW1lIjpmYWxzZSwiaG9zdGlsZUlmcmFtZSI6dHJ1ZSwiaWZyYW1lRGVwdGgiOjB9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5IjpmYWxzZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOmZhbHNlLCJ0YWdQYXJlbnRXaWR0aCI6NzI4LCJ0YWdQYXJlbnRIZWlnaHQiOjAsImFtcERldGVjdGVkIjpmYWxzZSwiYW1wTmVzdGluZ0xldmVsIjoiIiwic2FmZUZyYW1lRGV0ZWN0ZWQiOmZhbHNlLCJmZXRjaFN1cHBvcnRlZCI6dHJ1ZSwiYXNhcEVuYWJsZWQiOm51bGwsIm5hdGl2ZVByb21pc2VzU3VwcG9ydGVkIjp0cnVlLCJiZWFjb25TdXBwb3J0ZWQiOnRydWUsIkludGVyc2VjdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJpc011dGF0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsIndlYlZpZXciOm51bGwsImlzV2luZG93T3Blbk5hdGl2ZSI6dHJ1ZSwicHJvdG9Mb2FkaW5nIjp7ImRhdGFMb2FkU3RhdHVzIjoic3VwcG9ydGVkIiwiYmxvYkxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQifSwibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE2NjU5OTExNzd4YWM0YjQwMDM3YjRlMWJ4ODM3OTY5ODMiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEzMzAwNDc4MjkxNzc5ODI3IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY2NTk5MTE3OC4xOTgsIm5hbWUiOiJ1c2VyRXJyb3IiLCJ1c2VyRXJyb3JJZCI6ImZlZWRWYWx1ZU1pc3NpbmcifSx7InNlc3Npb25JZCI6InMxNjY1OTkxMTc3eGFjNGI0MDAzN2I0ZTFieDgzNzk2OTgzIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzMwMDQ3ODI5MTc3OTgyNyIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2NjU5OTExNzguMzksIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjpmYWxzZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjpmYWxzZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6ZmFsc2UsImNkblZhcmlhbnQiOiJub25lIn1dfQ==?crc32c=3247874341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY1OTkxMTc3eGFjNGI0MDAzN2I0ZTFieDgzNzk2OTgzIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzMwMDQ3ODI5MTc3OTgyNyIsImluZGV4I...
track.celtra.com/json/ Frame 8F4F 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY1OTkxMTc3eGFjNGI0MDAzN2I0ZTFieDgzNzk2OTgzIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzMwMDQ3ODI5MTc3OTgyNyIsImluZGV4IjozLCJjbGllbnRUaW1lc3RhbXAiOjE2NjU5OTExNzguMzk5LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NTk5MTE3OC4zOTksIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjcyOCB4IDkwIiwiY2xhenoiOiJDcmVhdGl2ZVVuaXRWYXJpYW50IiwiZGVzaWduU2l6ZSI6eyJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwfSwiYXZhaWxhYmxlU2l6ZSI6eyJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwfX0seyJzZXNzaW9uSWQiOiJzMTY2NTk5MTE3N3hhYzRiNDAwMzdiNGUxYng4Mzc5Njk4MyIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTMzMDA0NzgyOTE3Nzk4MjciLCJpbmRleCI6NCwiY2xpZW50VGltZXN0YW1wIjoxNjY1OTkxMTc4LjQzNCwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY1OTkxMTc4LjQzNCwibmFtZSI6InNjcmVlblNob3duIn0seyJzZXNzaW9uSWQiOiJzMTY2NTk5MTE3N3hhYzRiNDAwMzdiNGUxYng4Mzc5Njk4MyIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTMzMDA0NzgyOTE3Nzk4MjciLCJpbmRleCI6NSwiY2xpZW50VGltZXN0YW1wIjoxNjY1OTkxMTc4LjQzNCwibmFtZSI6ImNyZWF0aXZlUmVuZGVyZWQifSx7InNlc3Npb25JZCI6InMxNjY1OTkxMTc3eGFjNGI0MDAzN2I0ZTFieDgzNzk2OTgzIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzMwMDQ3ODI5MTc3OTgyNyIsImluZGV4Ijo2LCJjbGllbnRUaW1lc3RhbXAiOjE2NjU5OTExNzguNDM2LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6NCwic2NyZWVuVGl0bGUiOiJTdGFydCIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NzEwLCJvYmplY3ROYW1lIjoicHJvZHVjdHMiLCJvYmplY3RDbGF6eiI6IlN3aXBleUdyb3VwIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NTk5MTE3OC40MzYsIm5hbWUiOiJpdGVtRm9jdXNlZCIsIml0ZW0iOjF9LHsic2Vzc2lvbklkIjoiczE2NjU5OTExNzd4YWM0YjQwMDM3YjRlMWJ4ODM3OTY5ODMiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEzMzAwNDc4MjkxNzc5ODI3IiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY2NTk5MTE3OC40MzcsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjo0LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjo3MTAsIm9iamVjdE5hbWUiOiJwcm9kdWN0cyIsIm9iamVjdENsYXp6IjoiU3dpcGV5R3JvdXAiLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY1OTkxMTc4LjQzNywibmFtZSI6Iml0ZW1Gb2N1c2VkIiwiaXRlbSI6MX0seyJzZXNzaW9uSWQiOiJzMTY2NTk5MTE3N3hhYzRiNDAwMzdiNGUxYng4Mzc5Njk4MyIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTMzMDA0NzgyOTE3Nzk4MjciLCJpbmRleCI6OCwiY2xpZW50VGltZXN0YW1wIjoxNjY1OTkxMTc4LjQzNywidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjczNiwib2JqZWN0TmFtZSI6InByb2R1Y3RzLWxpbmsiLCJvYmplY3RDbGF6eiI6IlN3aXBleUdyb3VwIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NTk5MTE3OC40MzcsIm5hbWUiOiJpdGVtRm9jdXNlZCIsIml0ZW0iOjF9LHsic2Vzc2lvbklkIjoiczE2NjU5OTExNzd4YWM0YjQwMDM3YjRlMWJ4ODM3OTY5ODMiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEzMzAwNDc4MjkxNzc5ODI3IiwiaW5kZXgiOjksImNsaWVudFRpbWVzdGFtcCI6MTY2NTk5MTE3OC40MzcsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjo0LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjo3MzYsIm9iamVjdE5hbWUiOiJwcm9kdWN0cy1saW5rIiwib2JqZWN0Q2xhenoiOiJTd2lwZXlHcm91cCIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2NjU5OTExNzguNDM3LCJuYW1lIjoiaXRlbUZvY3VzZWQiLCJpdGVtIjoxfV19?crc32c=786167911
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.188.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-188-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F4F 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssA_QWRZErFpUzI8VjwamwQxCj5NrlrIPyD3U7T4gC7jnbc1kBs9xgOk920_ToLbDMUtrN69zMGfEqFjFU5VSf02ewu4aBmy2pkwxexG4xmPJ-m8S2Cys7WqZCBDurymxn6rG7B&sai=AMfl-YQuI8HgliEEiefGMBggZAig5wkBB645YjUCF_7jt22uxDVVY_H2Ulj-DsJGab2p48BZ7wm9fvM1-U3ebxP9ikgFLTZ_YurMLMzEQ2YJuS4eIiB7SQncfemk0TyqZmeZnw&sig=Cg0ArKJSzDniiSP-0BbfEAE&cid=CAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg&id=lidar2&mcvt=1004&p=1110,436,1200,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2087247537&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665991176018&rpt=1459&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
feed
delivered-by-madington.com/dynamic/power/ Frame 8629 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://delivered-by-madington.com/dynamic/power/feed?feed=109&country=no
Requested by
Host: delivered-by-madington.com
URL: https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
59b57b97a3fd9cfeada886b188cc3a7a93877e1f801dde55ed93e25138e6d870

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 06:00:11 GMT
content-encoding
UTF-8
access-control-request-method
GET
origin
*
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
4767
x-cache
Hit from cloudfront
content-length
2946
server
CloudFront
x-lae-region
eu-central-1
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=7200
x-amz-cf-id
1nhSLde4hEelfcBpMbUjMnvev6Qa_3uReVTM-4rO1U2TKkl5u5sJ7A==
access-control-request-headers
*
b04ab6eb-7065-4f8c-a7f4-7b3983e4540d.jpg
delivered-by-madington.com/mess/client-content/uploads/jpnXObtQBiZ1NiSSK68J/media/ Frame 8629 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivered-by-madington.com/mess/client-content/uploads/jpnXObtQBiZ1NiSSK68J/media/b04ab6eb-7065-4f8c-a7f4-7b3983e4540d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-13.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a01d727b698c59261a7ac1a415c4773ecff2574f79144a5662fd9d1ff0c4d80a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://delivered-by-madington.com/dynamic/mess/creative/power/mt/gen1/v5/ad.html?messId=fD0FOGBOPFObsPt3Z9Z0&lang=no&size=300x250&clickTag=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTIH7BwJNY56zHcrA7gPqnZLIDbb23sVsvbuFhaoO7Y78wgMQASDY6rYgYMOEgICYGKAB3cLr_wLIAQmpAkrH2hoSI3k-qAMBqgSHAk_QqnT75hNWw32wje_KVvkBu06HCTJd3_gtdxKhbmhOZDhx3nhZVBTQeE8pdq-yxLL2ioFOP6zT1bMzh1TjHV6zHLAOaTakS0h2UJuXYaKPl9MfcGTAaLN5gIIOWfpBeiGPhj5vBdkAH-XdkhtrbZV0olEaudvfFwDDszvrwl4iBsenI-72w-z3YnYlknZOixYq1MWthw6KHL7V4zVelxFGlGgNjwA7Tqh7sVEm_ePR3IC-eSGnX-AHzscJMzX7nKMzjR1bRKuczEvCGfEma42OyJcKoUuNAg-txNF6H1ParPdCTpEL1DuXfY3bW7khlOyG_8PA_ZmgQ1pwxa6uzf-4leBfv-opwATf6oLvyQPgBAOQBgGgBk2AB4u9lIABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiIYRABGB0yA4qCAToCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgOYCwHICwGADAGwE8T6yRDIE9jFgt0D0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9Pe5CldWCjDbsT47DJdARrNa1FPxnlwEexEbr7vFGve8i4_A9CnAJW7teJ8vmEDOLsAHWASg-Qqz0GAEgDg%26sig%3DAOD64_2XSJwAX_q58DYVUA-pum2iWDf4HA%26client%3Dca-pub-6897902191714833%26dbm_c%3DAKAmf-CK5f-LzEnzcdeBI49-HJgXLb4IrJnqQmYPHHL541ql1kYGfcrxnSZy7XrpUB89qFen7s2TIeQfVqswc4UArUVWfSTxr7wNa6To6yMQreZ4kN8Kj75gpG4QfJecvbhbSh31gKdB0GlXH3oHUiIr6Gh2KkuOx6D4IvPanrOtD3V5sdR8aCY%26cry%3D1%26dbm_d%3DAKAmf-AwEP0GMDg5jTfg2_xEp5zYaHW_reMdbUuUtrLD4oGQTjHeVS66ykpgjKrTWOmltxcB71wmdQ0NH3t-1TWl5a7_Ji8lCVKUKxd3G7yhDQAm4kGWw0xx5ZN2QL2Jxp_wSAzUQ-OnoOC783ZaP5SG5PgDZ8tsvuqMPtChMuqutDFRjc7aRUPd72SltNetxlmRPP27xtc7vi-AX8zAI2ZNS68tNaGwfyC_ZyOc1w7sWhfhHg5tOpl8Dm9ycIapBOAtOhOyhq-Co67e3Xo8B3xLcXIhvW0MY-hrNbGUcMrASKtjfVT8eLjQ5hEhrJJskKH2J-v2ZzTM1lDjQD5tTqB2UFrOjwfDEx64v42Ik5SJgjBsGGfiUiCwvPW7Ou8fZfp6jdKSesQNP2TZEK5zc9TXpNtpGB2cC7lx0RJYGxAaXMS6764nv6c7jjNseXX6FXhrJQsow0JeGThY4_zzNsv60aO7QgAFIEaMQ7oeA_2YEjqJl4ARdi4ZO6EoSSr29xd0NWEC6ISZucIMD6W-IauS0pZi3ZS1MwMCyhjIta0Vz4bY0dB3P2U%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 04:00:02 GMT
x-amz-version-id
uYBzGr94KskIppK5FC4xxF.7Jb7ei4v6
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
last-modified
Mon, 12 Sep 2022 09:34:58 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
1221576
etag
"a8a9f7714a314eb22b81f780239610a7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
93693
x-amz-cf-id
sMcbporwqWr-tRsGP19vmdgyInYln5y0ocSAsjR2KX5Pi5AaPx67Og==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E530 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
4415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 06:06:04 GMT
expires
Tue, 17 Oct 2023 06:06:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F75B 		783 B
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
GSE /
Resource Hash
65c2ecf2a0209c53818856c65da599892e23a6bf2d3cc7040fbc5f44eb2bcdde
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nF4sp12lSYQMjq3t0p94Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nF4sp12lSYQMjq3t0p94Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Oct 2022 07:19:39 GMT
expires
Mon, 17 Oct 2022 07:19:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oeaa0&_p=170619640&cid=1146920510.1665991174&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665991173&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=Allowed&_ee=1&ep.event_category=Ad%20Block&ep.non_interaction=true&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 3D7D 		465 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=wegotthiscovered.com&sn=ChromeSyncframe&so=0&topUrl=wegotthiscovered.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd9127d95f5e7f7da3624ec9e28e1b14e750e0a3baae29ae3d160e324356e318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2326086
expires
0
usync.html
eus.rubiconproject.com/ Frame 52C6 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:19:39 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E3F8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=151674
content-encoding
gzip
content-length
13946
content-type
text/html
date
Mon, 17 Oct 2022 07:19:39 GMT
expires
Wed, 19 Oct 2022 01:27:33 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 6645 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 17 Oct 2022 07:19:39 GMT
iframe
sync.teads.tv/ Frame 3781 		153 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:19:39 GMT
expires
Mon, 17 Oct 2022 07:19:39 GMT
pragma
no-cache
server
akka-http/10.2.9
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0803 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14176514
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Mon, 17 Oct 2022 07:19:39 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Server
nginx/1.13.10
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
445, 17973
X-Served-By
cache-lga13623-LGA, cache-bma1658-BMA
X-Timer
S1665991179.159964,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 52C6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:19:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27527
Connection
keep-alive
Content-Length
9421
Expires
Mon, 17 Oct 2022 14:58:26 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E3F8 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12177264&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:38 GMT
content-length
0
async_usersync
secure.adnxs.com/ Frame 0803 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:39 GMT
AN-X-Request-Uuid
7fc66cdf-d841-425f-8948-ca42416bd16d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F75B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=3271238232573634&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
pagead2.googlesyndication.com/bg/ Frame E530 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 20:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16062
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 20:42:56 GMT
generate_204
tpc.googlesyndication.com/ Frame E530 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?W-opFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:19:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCAaR,pingTime:1,time:2847,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1846%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1846,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1840~0,0~100%5D,as:%5B1840~728.90%5D%7D%7D,%7Bsl:i,t:1846,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:212,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:238%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:39 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8F4F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1187894&asId=1f4abc1e-fad9-55bc-6ec7-e8018ce40ae1&tv=%7Bc:rhCAaS,pingTime:1,time:2848,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1846%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1846,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1840~0,0~100%5D,as:%5B1840~728.90%5D%7D%7D,%7Bsl:i,t:1846,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:212,fm:tkvfcd4+11%7C12%7C13%7C14%7C15111%7C15112%7C15113%7C15114%7C15115%7C15116%7C15117%7C15118%7C15119%7C1511a%7C1512%7C1513%7C1514%7C1515%7C1516%7C1517%7C1518%7C1519%7C16%7C17%7C181%7C1821%7C183%7C184%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e*.1187894-65962642%7C1e1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:238%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.118.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-118-155.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:39 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=3271238232573634&bg=!e3ileDzNAAYeOJy_Pjg7ACkAdvg8WqAIIP8Jn_N4pdTV5HwaEvX78TJHlQQYFsvTxmRnD9dmlc0jjwIAAAB5UgAAAANoAQeZApkPTR7BVSMGumVzh32MPNuSiaHkGvynilQ1aqn-SODtckYYKKC4UFKUhmheCbydQQ-Neh3mjNvkK1Qk3uWgYPjv-5wTuQpU8-brWj78Gnht5YmnGK7FzJZdv3dJXouF6MVS7dD82s2x-1oAyI4NLYftQmyvszNCbcrH3rHm4aZyhyb4q_sJAhsdycTggcQsRmRh2ofplRw-5gtzdHlXISnEU0Z_ZLd0uQxpM9r-yhOmGbj96iKor_ZruzqRcM2pKasjdCtUIkq-EZ4Kt2-aqDYhqo7mrUTXzDOaq1W8orjTxn7uRDbEmbJLoaGK27DCimy6Cdx5DennHfhsMJdVVvpBk2neoSgjZwj18n8MPiEjueqXzZ4XG0p1hBkhmRALDJOE7tM4Snlf-ZWeNcoP7QW2D2DHDEFu_OXETWhhQGeTwbTX1AqAH6n_RokwEgTrN85HRigL2pRvTCEZkTArVV5tRwTmyr7cVQqLaQTIYppaDAoBvKEjJu7vv5SgH2A8BPnuyQtKal7GjFaaNMCtu96CAgd97ZVe5hR70vX66NSbjj_MuSBJaGe7hj0d5rSyKUBEldno_4czk-GcNsc8iHvM2qDH_YgPbnW4xkCVMXpzgKs96FHx1FDbU8lxlKOEL8IE7MGkTM6ShzsmZk_i5XnxUdu4jWl7d2XvrFBNJMxbRhlEn8PiGcwoOO2a4XxDqpaZW1vHi342GfVRvHc_ZOWl7RsToh-VOesCk20FCfwXRB1-qQTAh3OMpMGalVmiqOGXM0GPt_DFv8cVVqR4lAfUlO_jFrN-rCsvWA9SgLWikJekDvUDVOvima55J6fsupdiEUBgB5U04WVss62zivO_EcmLcqNtGUqTRAclKiXIjKuY8O9lW_U3xw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame DC71 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14176515
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Mon, 17 Oct 2022 07:19:40 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Server
nginx/1.13.10
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
445, 17974
X-Served-By
cache-lga13623-LGA, cache-bma1658-BMA
X-Timer
S1665991181.545098,VS0,VE0
check.html
biddr.brealtime.com/ Frame 9B37 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Age
5443
CF-Cache-Status
HIT
CF-RAY
75b7446efcbb1c06-OSL
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 17 Oct 2022 07:19:40 GMT
Expires
Mon, 17 Oct 2022 08:19:40 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
WeqF89pYIGWpFNs426rAd5J4pPA0pX7StLc3dP4FJwbYenlb1hONdEOob5jWo4xU9l+FdgGxHIU=
x-amz-request-id
H6ZYF8B5P5AMX1X7
pd
u.openx.net/w/1.0/ Frame B0EE 		666 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
71c0227f48a798f311008a65403bd73ce029c29cce714f97c5c8fe5b4eee8370

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
419
content-type
text/html
date
Mon, 17 Oct 2022 07:19:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v2
de.tynt.com/deb/ Frame CBD3 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aARC5I0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Mon, 17 Oct 2022 07:19:40 GMT
expires
Tue, 18 Oct 2022 07:19:41 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame C6B9 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Mon, 17 Oct 2022 07:19:40 GMT
expires
Tue, 18 Oct 2022 07:19:41 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
sd
eu-u.openx.net/w/1.0/ Frame B0EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15ef634d-0208-4900-81d7-51cff97ccef3
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15ef634d-0208-4900-81d7-51cff97ccef3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 17 Oct 2022 07:19:40 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15ef634d-0208-4900-81d7-51cff97ccef3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Oct 2022 07:19:39 GMT
sd
us-u.openx.net/w/1.0/ Frame B0EE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=3Cn_Bdoo-1fHf_xS0y_mANsprgfHe_JYjiksQvck
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=3Cn_Bdoo-1fHf_xS0y_mANsprgfHe_JYjiksQvck
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=3Cn_Bdoo-1fHf_xS0y_mANsprgfHe_JYjiksQvck
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B0EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2649579307043192526
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2649579307043192526
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2649579307043192526
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B0EE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=2e3b6b0c-81c6-7100-e914-37ead1bf7455&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B0EE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI1NGI4YzYtNDhiMS0yZmE0LWZjZjQtNmQ1MzFiNWRiYTM1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B0EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Oct 2022 07:19:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECSzFZo75hbxC6aQFdIpNTA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
secure.adnxs.com/ Frame DC71 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Oct 2022 07:19:40 GMT
AN-X-Request-Uuid
7826f46d-cb00-4270-b54d-a9826a7ee75a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.255.148.172; 178.255.148.172; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 17 Oct 2022 07:19:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
postback
s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/ Frame 2978 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.72.0/697322/AZPnnyMGEeY6jt_3/postback?ci=697322&dt=6973221530105335325000&c5=&_page=https%3A%2F%2Fwegotthiscovered.com%2F&r1=178.255.148.172&pp=wegotthiscovered.com&pc=108034&di=wegotthiscovered.com&gt=NO&c1=chrome&c2=desktop&si=29569&sid=AZPnnyMGEeY6jt_3&oz_sc=af68997ad0670b45c40479d7&oz_df=1665991181745&oz_l=106&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.72.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Oct 2022 07:19:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
v2
de.tynt.com/deb/ Frame 1918 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Mon, 17 Oct 2022 07:19:41 GMT
expires
Tue, 18 Oct 2022 07:19:42 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame 7796 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aq47yi0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Mon, 17 Oct 2022 07:19:41 GMT
expires
Tue, 18 Oct 2022 07:19:42 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame 0DAC 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Mon, 17 Oct 2022 07:19:42 GMT
expires
Tue, 18 Oct 2022 07:19:42 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Verdicts & Comments Add Verdict or Comment

362 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| ANDROID string| BLACKBERRY string| IPAD string| IPHONE string| IPOD string| MOBILE string| NOKIA string| SYMBIAN string| WINDOWS_PHONE string| WINDOWS string| MAC string| LINUX string| OTHER object| MOBILE_ARRAY object| DESKTOP_ARRAY function| getDeviceType function| isDesktopDevice function| is_mobile string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| dataLayer_content object| special_ops object| propertag function| gtag object| GlobalSnowplowNamespace function| snowplow object| _sf_async_config object| _comscore object| _atrk_opts function| fbq function| _fbq function| admiral object| googletag function| __tcfapi function| __uspapi boolean| haveWeGotAds object| WGTCADS number| postBottom object| $sidebar object| $topStickySideAnchor object| $topStickySideContainer object| $topStickySideUnits object| $stickySideAnchor object| $stickySideContainer object| $stickySideUnits function| addStickySidebar boolean| _add_1 boolean| _end_1 boolean| _finish_1 function| EvEmitter function| imagesLoaded object| infiniteScroll function| getArticle function| getArticlePage function| wgtcLoadGallery object| Cookies object| hurrytimer_ajax_object function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| HurrytimerAction function| _typeof function| HurrytimerCampaign number| square_loaded number| top_loaded number| fullscreen number| delay string| hash boolean| gallery_square_ad_ready boolean| gallery_banner_ad_ready boolean| hover_loaded function| load_gallery_square_ad function| load_gallery_banner_ad function| unload_gallery_ads function| popup undefined| newsletterCookieValue string| string object| myPopup object| Modernizr string| ggv2id function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| FB object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| __cfBeacon number| topLimit object| carouselSlider object| __VM number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| clarity object| COMSCORE function| udm_ object| AMP object| properSpecialOps boolean| payload_loaded function| atrk boolean| _atrk_fired object| webVitals object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properSpaNewPageReset function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser object| properStorage string| PBJS_USER_ID_OPTOUT_NAME object| device string| PUB_COMMON string| EXP_SUFFIX string| COOKIE string| LOCAL_STORAGE string| MODULE_NAME number| GVLID object| amazon_crid_map string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId number| alias_accountId string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_50a6db8c_14e42236_1 function| proper_edb0c162_05522647_2 function| proper_9fcc9409_6a1a9710_3 number| proper_rps string| proper_ad_session_uuid object| propervideotag function| onYouTubeIframeAPIReady object| gaGlobal string| x string| placementId object| Criteo object| userId object| _cbm object| ats object| __buffer function| 4dm1r11545242527 object| gaplugins object| gaData boolean| apstagLOADED object| lotame_sync_16576 object| google_optimize function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| lotameIsCompatible function| sync16576_c function| sync16576_d undefined| sync16576_e undefined| sync16576_f undefined| sync16576_g function| sync16576_h object| sync16576_j function| sync16576_k function| sync16576_l object| sync16576_ object| sync16576_la function| sync16576_a function| sync16576_b function| sync16576_i function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_aa function| sync16576_q function| sync16576_r function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_ba function| sync16576_ca function| sync16576_v function| sync16576_da function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_ea function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_fa function| sync16576_J function| sync16576_K function| sync16576_ga function| sync16576_ha function| sync16576_L function| sync16576_M function| sync16576_ia function| sync16576_ja function| sync16576_ka function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Z function| sync16576_Y function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_4 function| sync16576_5 function| sync16576_ma function| sync16576_3 function| sync16576_7 function| sync16576_6 function| sync16576_na function| sync16576_8 function| sync16576_oa function| sync16576_9 function| sync16576_pa function| sync16576_$ function| sync16576_qa object| PublisherCommonId object| ProperMediaVideo function| propervideo_log function| propervideo_display function| google_sa_impl object| googleToken object| googleIMState function| setImmediate function| clearImmediate object| ID5 object| ns_p boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent916 boolean| sekindoFlowingPlayerOn object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| closure_lm_669720 object| GoogleGcLKhOms object| ebData

113 Cookies

Domain/Path Name / Value
wegotthiscovered.com/ Name: newsletter-popup
Value: 2
wegotthiscovered.com/ Name: _sp_ses.1618
Value: *
wegotthiscovered.com/ Name: _sp_id.1618
Value: 73d0912f-5ef7-4965-869f-2678f7b4d602.1665991173.1.1665991173.1665991173.622bec45-b0ac-4af1-80f0-f03c6bf5a685
.wegotthiscovered.com/ Name: _cb
Value: CTwAafkkPs_LbPWB
.wegotthiscovered.com/ Name: _chartbeat2
Value: .1665991173296.1665991173296.1.DBGKG8BXoZXVDI0AjTS2_5U3ai52.1
.wegotthiscovered.com/ Name: _cb_svref
Value: null
.wegotthiscovered.com/ Name: _sp_cookie
Value: 8ab781f1-0171-4c90-b970-a065afb9515f
.wegotthiscovered.com/ Name: __asc
Value: e6d5b0bb183e4cfe60049ba2743
.wegotthiscovered.com/ Name: __auc
Value: e6d5b0bb183e4cfe60049ba2743
wegotthiscovered.com/ Name: _lr_retry_request
Value: true
wegotthiscovered.com/ Name: _lr_env_src_ats
Value: false
.wegotthiscovered.com/ Name: _ga_VRDHJCSX1H
Value: GS1.1.1665991173.1.0.1665991173.60.0.0
.wegotthiscovered.com/ Name: _fbp
Value: fb.1.1665991173901.1854948234
.wegotthiscovered.com/ Name: usprivacy
Value: 1---
.wegotthiscovered.com/ Name: _ga
Value: GA1.2.1146920510.1665991174
.wegotthiscovered.com/ Name: _gid
Value: GA1.2.230528678.1665991174
.wegotthiscovered.com/ Name: _gat_gtag_UA_17178859_1
Value: 1
wegotthiscovered.com/ Name: _lr_geo_location
Value: NO
.adnxs.com/ Name: icu
Value: ChgIt-19EAoYASABKAEwhoS0mgY4AUABSAEQhoS0mgYYAA..
.adnxs.com/ Name: uuid2
Value: 6707861486997632952
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: N7qTz27lIIlLG_zZXP6CZwmkkC4MTJvk7u2xemEgrmpLQ1FKcu1ruciEJSLdQaD01Yj65kecGrbE_IiEDIAwfafgaRS_I8cmlOL2S4NuRJrnta1uei_n6g
.spotxchange.com/ Name: audience
Value: 0cd0eb1c-4dec-11ed-a8d0-1dbc55590006
www.clarity.ms/ Name: CLID
Value: 74c1f6d0493845bc8221fcc5adf064eb.20221017.20231017
.gumgum.com/ Name: vst
Value: e_5f02736b-84f1-4d1a-98e5-26b5034ea202
.go.sonobi.com/ Name: __uis
Value: c26433ef-716e-48f4-bf9a-dab7dceb843d
.go.sonobi.com/ Name: _usd_wegotthiscovered.com
Value: bafa01f6-01b0-46c8-947f-5295bb35265f
.go.sonobi.com/ Name: HAPLB8G
Value: s8633|Y00CC
.wegotthiscovered.com/ Name: _clck
Value: ee9ewf|1|f5s|0
.bidswitch.net/ Name: tuuid
Value: fd40c209-fe0b-47c3-874a-27d345d44587
.bidswitch.net/ Name: c
Value: 1665991174
.bidswitch.net/ Name: tuuid_lu
Value: 1665991174
.rubiconproject.com/ Name: khaos
Value: L9CG4P8O-3-HITT
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qotwGTydbgPpiB+/HrRb5FksqSS3mMAn6pUiVhf2cKS45NvbE+mFzQvPPtrTxEF+nBo2B05UvZjLwHEE8jtDwI50A+VO7RH1E0=
.proper.io/ Name: adaptmx
Value: 85771e22-245e-4bd9-a348-d2c57530031e
.proper.io/ Name: mediagrid
Value: fd40c209-fe0b-47c3-874a-27d345d44587
.quantserve.com/ Name: mc
Value: 634d0206-e7395-a13ef-a99d3
.wegotthiscovered.com/ Name: __qca
Value: P0-918389762-1665991174904
.amazon-adsystem.com/ Name: ad-id
Value: AzntcySjN0i_hA3HIZZu5zA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.wegotthiscovered.com/ Name: __gpi
Value: UID=00000b74607d81c3:T=1665991175:RT=1665991175:S=ALNI_MYAz9Sbly1NS0kJXM27u21UtndcaQ
.wegotthiscovered.com/ Name: _clsk
Value: 1pf8s3b|1665991175289|1|1|i.clarity.ms/collect
.proper.io/ Name: __cf_bm
Value: fS8W4hs5NzB8aE4MENSQDIY4V2B6ruJX4Sh3.q48bXE-1665991173-0-AVXS9bsk%2FhPnCgpt2w4%2F%2FSoq%2F%2BSoV7I48LllzjCS3Dma%2FmmVA8pCH1qdyCsQpvKLPv%2BDBqdyKgoaApx%2BGJe1hSuXAOaogOuw%2BHXjPe7sRoWM
.lijit.com/ Name: ljt_reader
Value: Ffq3tPZHgUrRqnBqQ1CbWjkK
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwVrIyNDMzNzIwMDc31VEyNbQwRxWxMEXlG6HpMDRA5tcCAL2VEL8%3D
.casalemedia.com/ Name: CMID
Value: Y00CB57oA85I5ypaqBa9wwAA
.casalemedia.com/ Name: CMPS
Value: 4378
.casalemedia.com/ Name: CMPRO
Value: 4378
.media.net/ Name: visitor-id
Value: 3089927759418831000V10
.yahoo.com/ Name: A3
Value: d=AQABBAcCTWMCEOfxJvJ35KJXeRg_6-s9hQ4FEgEBAQFTTmNWYwAAAAAA_eMAAA&S=AQAAAqfp3qEzHio9-Rxh0V0JFYc
.yieldmo.com/ Name: yieldmo_id
Value: gd82111b01bd0c5cc36e%7C1665991175561%7C0%7C
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zvEyGtoZmZqaWloaG5qbmwEAHdeKWgQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjYxMTQxNzQ3NRbiM9RN8jIKDQ429MtOyfMEAEkPEVglAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjYxMTQxNzQ3NRbiM9RN8jIKDQ429MtOyfMEAEkPEVglAAAA
.creativecdn.com/ Name: u
Value: Rxv13bX84CQbZMPwfucR
.creativecdn.com/ Name: ts
Value: 1665991175
.doubleclick.net/ Name: IDE
Value: AHWqTUkXhCXb8qpznhYPFH50G9r2zP2y5KVixoMn7qpLPTyohO2G9-Z-Nv_9uOaBTU8
.sitescout.com/ Name: ssi
Value: ba227bfe-5d39-4173-94e1-dd417e697074#1665991175809
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y00CBwAAALFipQAW
.smaato.net/ Name: SCM
Value: 75b303cd
.smaato.net/ Name: SCMaps
Value: 75b303cd
.turn.com/ Name: uid
Value: 3710936749595118862
.media.net/ Name: data-pri
Value: 634d020751aff~~34
.bidr.io/ Name: bito
Value: AAMkN07GmgQAACC9prZjfA
.bidr.io/ Name: bitoIsSecure
Value: ok
.360yield.com/ Name: tuuid
Value: 47e86614-5e44-428d-b6eb-6ec5b1af9d5d
.360yield.com/ Name: tuuid_lu
Value: 1665991175
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY2NTk5MTE3NTkxNCwiMzkiOjE2NjU5OTExNzU5MTQsIjciOjE2NjU5OTExNzU5MTR9
.ads.yieldmo.com/ Name: ptran
Value: 6707861486997632952
.wegotthiscovered.com/ Name: __gads
Value: ID=3363e59df3579081-2278478c48ce009c:T=1665991174:S=ALNI_Ma3MC3WuUjeypOUn00YL4rFiGJgGQ
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.wegotthiscovered.com/ Name: properSessionStorage
Value: eyJ1dWlkIjoiNzk4ZDlmZjQtNmQyMS00YjQxLWE0ZjktNDI0NWE5ZDU5OTllIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDIyLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjEsImxhc3RfdGhyZXNob2xkIjowfQ%3D%3D
.mfadsrvr.com/ Name: tuuid
Value: 16187c8e-675a-42ea-9ea1-b23851e32350
.mfadsrvr.com/ Name: c
Value: 1665991175
.lijit.com/ Name: _ljtrtb_85
Value: AAMkN07GmgQAACC9prZjfA
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.ads.stickyadstv.com/ Name: UID
Value: 14ee1d767274c6f439a51aab8aa60b2
.ipredictive.com/ Name: cu
Value: 60b6a5aa-9fb2-40f7-8e5d-9111aabb026b|1665991176046
.wegotthiscovered.com/ Name: _awl
Value: 2.1665991176.0.5-60524d3343d83cf880028f8e91a908a3-6763652d6575726f70652d7765737431-0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ea6e3a2a-f144-495a-79cd-740a4e8c7dbe.gIo8nZPeljOhc3hY09OFZgr%2FzyNO8BCwk2%2FvecZcr%2FA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6m46KvFESVp5zXQKTox9vrL_lKw.nck8%2BL1EUex90eDzdCXGrGurKY57oLpDZdxjE6s5Vf4
.outbrain.com/ Name: obuid
Value: 88f3b813-cfcd-42d6-aade-75c97ff87c01
.mfadsrvr.com/ Name: tuuid_lu
Value: 1665991176
.mfadsrvr.com/ Name: ssh
Value: !yieldmo,1665991176
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ccd1c137-dc45-44af-80f0-076d1511f213-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.admanmedia.com/ Name: admtr
Value: 3ecec759-cbc4-45f2-b4a6-da9db333e415
.admanmedia.com/ Name: ac_r
Value: CS116
.ads.yieldmo.com/ Name: ptrstk
Value: 6m46KvFESVp5zXQKTox9vrL_lKw
.ads.yieldmo.com/ Name: ptrmf
Value: 16187c8e-675a-42ea-9ea1-b23851e32350
.smartadserver.com/ Name: pid
Value: 7257882633351935861
.tapad.com/ Name: TapAd_TS
Value: 1665991176297
.tapad.com/ Name: TapAd_DID
Value: d1a15615-82bf-4c20-846e-81c78a26d195
.contextweb.com/ Name: V
Value: gsCglYhOqayW
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gpe|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ac56bcda6fdcb546
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tremorhub.com/ Name: tvid
Value: 1eb9d68f136d40afa7b5d49f22e0e791
.mathtag.com/ Name: uuid
Value: 15ef634d-0208-4900-81d7-51cff97ccef3
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y4~27rj:198j~27rj"
.casalemedia.com/ Name: CMTS
Value: 5187
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6dd5232b-071d-4e1a-8280-1fada77a2063"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjU5OTExNzY7MjswMjG6agDJNp2mgpALl4vBWH8ju7PQRo13lefqG628wIVJNA==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2408:u=1:x=1:i=1665991176:t=1666077576:v=2:sig=AQGxD38QAx8Z6fHlnTaBCEccWdX8xxhF"
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%1o5HhX!@wnfH8K6pQK`!5=E<*L5?%K35c=c+4f79IhtNB?jFlCCmeOL6:'l?ig>KS]P(hw9P-HC_#ttx))t5mn
.openx.net/ Name: i
Value: fd975455-2841-4ef7-b3c2-ff02b59847a8|1665991176
.criteo.com/ Name: uid
Value: 0d0a9b48-f7ab-458f-bc47-3d0cf8253f4a
.wegotthiscovered.com/ Name: cto_bundle
Value: vbYUUF9xdHl5QkVSOUFYM2RjJTJGUnAlMkZiOUhXWjlyNElUZldUT2U2WElwMEZkNjI1NnBmMG5kRXUzZVh1a2tndTBZYVM0TVpTRklETGdwJTJGRnRvWnhnR20ycjlXblJnS21IVDJHbFpObVBnSUdXY3FBVW1oZ2NxUHp6dmxaRmNKdGZjSEg5ZiUyQlpVOHRYU3ElMkJjVkRsWiUyQmFyVUxwM1lYcW43JTJCMjhtdzd0S3YySyUyRkRzOEljJTNE
.c.bing.com/ Name: SRM_B
Value: 2F983B5D44E66CC7130E291D45B16DFE
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F983B5D44E66CC7130E291D45B16DFE
.c.clarity.ms/ Name: ANONCHK
Value: 0
.ads.pubmatic.com/ Name: KCCH
Value: YES

3 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
worker error URL: blob:https://wegotthiscovered.com/7f579643-bf8c-480f-bcfe-c5c4b4aa92a7
Message:
Mixed Content: The page at 'blob:https://wegotthiscovered.com/7f579643-bf8c-480f-bcfe-c5c4b4aa92a7' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://wegotthiscovered.com/7f579643-bf8c-480f-bcfe-c5c4b4aa92a7
Message:
Mixed Content: The page at 'blob:https://wegotthiscovered.com/7f579643-bf8c-480f-bcfe-c5c4b4aa92a7' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abcheck.proper.io
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.turn.com
ads.celtra.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adserver.adtech.advertising.com
adservice.google.com
adservice.google.no
adx.adform.net
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
bidswitch-eu.splicky.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2shb.pubgw.yahoo.com
c4a363e9834ac7e65401ffb7e6636da8.safeframe.googlesyndication.com
cache-ssl.celtra.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
celtraidentity.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
d.adroll.com
de.tynt.com
delivered-by-madington.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb.proper.io
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g2.gumgum.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clarity.ms
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
live.primis.tech
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mb9eo-7w62j.ads.tremorhub.com
mb9eo.publishers.tremorhub.com
onetag-sys.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.propervideo.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
propermedia-d.openx.net
px.ads.linkedin.com
r.casalemedia.com
r.skimresources.com
reachms.bfmio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.analytics.google.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.srvmath.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
spc.wegotthiscovered.com
ssbsync.smartadserver.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
superficialeyes.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
t.skimresources.com
tag.1rx.io
tags.crwdcntrl.net
terrifictooth.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.celtra.com
track.streamedby.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usync.proper.io
video.primis.tech
web.hb.ad.cpe.dotomi.com
wegotthiscovered.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yieldmo-match.dotomi.com
100.20.118.155
103.229.205.243
104.16.123.175
104.16.88.20
104.17.119.107
104.17.24.14
104.17.78.34
104.18.158.234
104.18.18.126
104.18.19.126
104.18.47.230
104.19.173.108
104.22.47.142
108.138.17.118
108.138.19.89
108.138.4.10
108.138.7.46
108.157.4.74
13.107.246.45
13.107.43.14
13.225.78.35
13.225.78.83
13.32.99.105
13.32.99.122
141.95.98.68
142.250.181.225
142.250.181.226
142.250.184.194
142.250.184.202
142.250.184.226
142.250.184.232
142.250.185.66
142.250.185.98
142.250.186.106
142.250.186.138
142.250.186.142
142.250.186.98
142.250.186.99
142.250.74.193
142.250.74.198
143.204.94.230
147.75.85.234
15.197.193.217
150.136.156.92
151.101.130.49
151.101.65.108
151.101.66.202
151.139.128.11
152.199.22.24
162.19.138.118
162.19.138.120
168.119.127.61
169.197.150.7
172.217.18.14
172.217.18.2
172.217.18.3
172.217.18.4
172.67.15.35
172.67.38.106
172.67.69.19
172.67.70.134
178.250.0.157
178.250.2.130
178.250.2.131
18.156.0.31
18.156.195.47
18.203.130.15
18.222.102.2
18.66.112.116
18.66.122.63
18.66.122.81
18.66.248.13
18.66.248.38
185.184.8.90
185.59.220.194
185.60.216.19
185.60.216.35
185.64.190.78
185.80.39.216
185.86.137.113
185.86.139.101
185.89.210.122
185.89.210.82
185.94.180.124
185.94.180.125
193.0.160.128
198.148.27.139
198.47.127.22
20.234.93.27
202.241.208.57
204.79.197.200
213.19.147.43
213.19.147.44
213.19.162.61
216.239.34.36
216.52.2.48
216.58.212.161
23.203.77.3
23.206.210.112
23.213.161.138
23.3.109.122
23.35.237.56
3.120.142.33
3.126.157.114
3.126.58.88
3.231.84.56
3.64.188.198
3.64.202.105
3.71.169.66
34.107.148.139
34.110.189.112
34.110.240.68
34.120.133.55
34.120.157.206
34.149.20.76
34.208.107.239
34.231.120.233
34.240.197.120
34.247.233.198
34.98.64.218
35.190.59.101
35.190.91.160
35.201.67.47
35.227.248.159
35.244.159.8
37.157.3.29
37.157.4.23
44.196.106.145
46.228.164.11
51.89.9.251
52.11.176.167
52.167.85.21
52.17.64.38
52.222.139.112
52.28.220.111
52.28.237.81
52.29.149.17
52.46.130.91
52.49.202.27
52.49.242.74
52.95.122.74
54.160.55.69
54.170.205.64
54.171.34.58
54.229.167.95
54.72.178.118
54.77.23.81
54.81.173.34
54.87.2.133
64.202.112.63
64.74.236.255
65.9.86.39
66.155.71.150
67.202.105.31
69.166.1.8
69.173.144.138
69.173.144.139
69.173.144.165
72.251.249.14
74.125.133.157
76.223.111.18
80.77.87.162
88.221.168.201
89.207.16.201
89.207.16.210
91.228.74.168
95.101.200.23
99.80.190.113
008e90273db880727fb65b4722d49f4fc0fde84c28f8317e8ba2a61047091838
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01e06e58ea6abd3e14ae73dfe90f4a02101ce5095069b34b5cd2f2e67a49d62a
0250bae94c192308b056716908e76fe160797b10dbfe697796ce894411cbeb5c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03e9dec725aab2d6419dcc153481fafd8b29a1dc57de9c17cc07c900c5240298
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054a04406983d8a175156ba094ed8e14d48c53cc79a9092459517bb0c3bd8212
058d7c59d62bfd765b6e8b6de2612368118b326df45ae75b209f80dcc988fba2
05cd57d49bb6781b9467d3ed82f61ab929963df6a8eaec63b7f18851b8640460
0648162fd2c8f67ac7d834e04e60c312071e9d177059bed2d472018c4dd18c6b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b5544225f2af1fa86acc92b50d3ff50887b594493d3ceaa5379b9cdc0a6881
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
0a5f33873437de5eb40785cd7faf4033b60e342d024720ffb51309572f4fe372
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0aa87ccf3a1419b793e70ac232b54165a20b868b04b90d91a61184f9c6e25d1c
0b0536f3ab7c2d86d08672c1bff8619633b6d2517d8e71411ce374f40b376cce
0b3b300b17657e70b69a9e12d4f798e6cd85acb4d92e14335d2d653b58e8cba4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c59268e8085c994d261e889135e1f2c218d1543430fc5bf1fea9c2497a3dd85
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0df8ad781bd81d499199eb98969eee75d738957c5d1b4a8d4c9812fd0a57a60f
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a
0f57a9438d1f4756f4ae1fe5710b489389a2bd3315f544c25218f21682e514fa
10b9d688509666bd9712e877a397c9ea8354cf3725397f7d41cee8be1371829d
10e1d9583bec9aebae1231ed389de64660b8412c089e4f28a71baf310731992c
118b70aa187f2facb5a069ded5eb103f0317f41e53b3d3e3b52e902441cbf6e4
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f857cdfa80556cb6a23cafe7df19e811b896bd98443bbe69d48186047575a7
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
19097fa904822558caf987e8aff8661d00f55af1e78c4512bcf62c7ff9ca8cb0
1aace6d8444e3be8f862828dbfc5c12226caae6b6251d08a461d681d25045b86
1abdc8291e51bfcc3085ca21f273ad2e1a68168e30b860ededd5d6ceca04112d
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097
1d377d4655bac00143bed9eb5a77b6e42b51b4ef08c9beb9eff792f3bd2b9e4f
1dcc3a70a58173edb52c239f825660330766559209a6c1d7ac01082da2d3d9f1
1f403824565ad03f738fc442bd35d4ea60e66e55db9e0aaa8c97533a1a87b57a
1fb6c3341f686c442a6641a06c802d703d63cdd27622c766ca0042f85df67212
21c50e788fb6a49d63782c11d00acd80266e796e83778cd26d6d75f9cc0af674
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
230719c5fb60f6844265cba5397cb11118d52628c1675736fa191d57cfbb51a6
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
25c13860d3414f69bb7b576932bb34f8546abaf5c02003d5ad9e0436225d9541
25d2b6d716f6c8f6419a6125300c789b8d3e98790246821df596731db1d2ee61
25e3ac717642cb99a0785b006f493b8463e9e5f9bd9dce2add3a86cd9ef1ba1d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26f7acfaf45918eb3808eb0ed03474989ab933f5d26792f55254de5970df7cfc
2882d3646622afcd0d69bab5f09673279172f1c3b29e446cb92649b0a9ea5fcd
28930a94473be1f9279f53a47e850ed938db6da5692cc554b34713083d9b156e
29d0154b2d1b0ff73fc58de7dfc7836a6fc02cd6b329fcdb413873e15dc06cc1
2aed8ce4cd0453720b1275a7cb826a00d9871349b904e012994099c39592e9f1
2ce0caa1776a0c7700552a3ba11a90becba383d1a3351272b9df7c4cb74a8e07
2ce25e13cd9c8a7e7d706d11cbe8ae9f32e60e86c1ef64ce36e5bb78e8aa732a
2da2ffa6e2de6d8e2cdc2ef2051e0f3a26fb76d6400c0d988ba7a036a81957a2
2df932cc674cf63fdb4f532742299515c3df21c43edfde4805ca26688c494ff0
2e0091f801faab4a606b65dc6f0ed1329f2f6648dd6cf1a760d67b467e376e6f
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789
2f3348a8ee1dbd57fad45698e5b6fb89c2fec31e8029bdaa35b835b2a79497f0
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330aca3434953f81f77e04046b0ef17298e84ce808f0a051aaba8e956320a4a1
332573f8029d4540b76d7937365f4a6c79a153c4668dc250420237144bf0d1ad
33277ffb1c537988994e15918695f168d9b7ee59d5866f132731d3f5dfa35068
34ecb7ef623a42fc54de0a4507e36de0384f0de391b9de25a68f0903b89a6800
3617f59b95c68af5821319dc484e7de01b9c151942db516ce0e72b0113c79c2a
36888c04868ad973127198ca39debe974bd10d13871eeb44dd7931319d58c88b
37af83b7b3447b5e7b839c6406cbb743d9258ce5a11e65ad03381efd9cad1a71
38af84288c6a60c461f6cf4cbe518f766c05705602ffc9e31124902bdefb7a62
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
3a81bd2425e5725039db450e784f4fa7cb512dbed007c21547a084fa4141e303
3ae879f1c8ff87a4f27a1482174aea8a471f8bcf1d464175d50f4c571149a6f4
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d
3d65ddec06825d1ebc7e354b4fe88540c3f4e3cbac0e652fd6234a19eefa6688
3ebf9870a51c84275abbecf380260c983fbbdbcff801b18cc6f112aeaafdf52f
3f326fd68ae8024a28ee8c1a343e7756a21c4a75a1c606d95a045d805874cb93
3fb1c16399a593cf16e7bc1fb38150f92dc9955b647491682e8abafe288ff0b0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402c6f58539c3a7ce25b7840fc56a2d3f1abf33c8c47522bcec5b7aa04adb2a9
403241b852418ca0a269ff09fc5591368857b0e6a0d53db60fdfe11d6f803b58
40c355087a7f93e2ee470fd36378c8b9f34843cbfc7e83ab834b6eee218f6330
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
431b5140c7a0b3e8424ae07fafec98128dd98361ea2d6855de13d2049ac28146
45281e337b45f62495d0fc72e21561e5952e1f2bdeea34dd433a1d1523282442
453b57830935e21f0f2cf183955c5cd69170129b3b7aef9e6caf1fc1676b703d
455a332b75d9d91f920cce6c87a8d05cb682f69a3aad04986bc9a8bf507fb994
45a8c2670b5333ea90954c5e64695f8f14d45f7050ba1c46a5a050bc332fecbf
45b5ee17b16a3d0e34c52bbaccee93001f0f4df87cee2a5a910a10ed21d3514e
45bb03d1c0234d1066d3fcfd2de8103b00fd71759a4ccb0a209081edb4dba4b6
4632a5bb144ed6611182211786fc7993b0528bb8f51fa36a1bdbb1da8510381d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a7db562fb13eee614f11a3cdae116fe7c3e0006dd13a0142da5173bb107901
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5b55ff805d5e4c854c5ab9a9bfe23335fa48df78b79e45334d792507d674d2
4d4df0308d725f61662a563021da50bc21873865d0173500bd024009caba0694
4da6efd8007746ad3ba8ffb0dcfbdd3ee3f972117a4a99abdf1c418126704b1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef1496ada1a9e18163b11ca047dd9c4ab447472b4245850331fc3340650eafd
4f8ed94a0b463bdc87d04627e3226f675836f6a80ceedaf94b279693684393e4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d
509d215626c5e7b12302dc36b9f381defd270fb58818257b050c827bc7da37f3
50ae53daeae089ba7965b0f90aa6b4cf96481b1059c9b2d17f7bbe0f83692472
51086502acd4fdc403eeedbd3737637f9ced4fb948d0d6d5e5eb4a77c49c5d6b
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554ac4187cd25e38d24ec4368d204b0a09356998613445af097e374520865e9f
555c5831361c4820ac95074518dd826bfe3d8656b4999a31ac5e8e0afbe4ff3d
557fbd54d2f7dad640163c328d5f8812b2cdd3fcf5b0e0240bbfa8daf4d86396
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ad7370d435f848f76a3fecc3ca8e9c822978255b28dc3e0724787579ab7ae2
56b3b5056e215c527846e60d3c1244f74b9ad5435f41bda47d354e027f29df49
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58cde63104e1a4f81ec9e8366bba27a717bf03d7201795a8430af0942fd9cac2
5924f525fe9bbf754240e3d9fc7ee3dc7e4d2973e981edc7c19c976d228fb38e
593fc58f2450af33765b141b31dbd1ad98e24f9482dfdad2a0ac2181988c11ff
59b57b97a3fd9cfeada886b188cc3a7a93877e1f801dde55ed93e25138e6d870
59ceddc895e647ebb72da6bc39d772438f78c09352a36220436d6276ab608bb7
5a72b52b794a68531921569f3a375efdec00fc6268489f7d3f9a774dcce73429
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d1705c7320deef14d27fb8787a05bee8aa18d56f3ee76623660d2e0aae3245b
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e20a6b4029146676ea4405b3f92a2e033cbe3aac6f7ba0b5d3a54256bc252b1
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950
5ff260fd162a9f0e75c20af800fae143c081f3c0e5a25c461fea3efa5c3aece5
6016274a403f6bdabe82cad8d6e58ba42417b104f61a317e883127ca89a6767a
6050db252282cef68bc73a4c638ba4faa5cc660ed118d5d9d63313e73990c5f1
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c77b92768b078cd57f475c17b015f28a52a040a1a503ab50611e1cb1ec2478
65c2ecf2a0209c53818856c65da599892e23a6bf2d3cc7040fbc5f44eb2bcdde
66a2ddb76f1fc75bcd261e77b00d8007564c1740855edc939a226afe2a9d1c61
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
6a2e81445d96198a101d10b8e84f27f0d5e393efe23ef8c18514a6369ff5f0d1
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6b48f22bba68355b3e14e2b1b5815459852ff24e2865405bf6d25404bfcb2995
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c02fccef5dabd5a437aca1de220214645fb8f8a247dbd7802b85e7b909e2b59
6c6d8ab696235723aaed176d626b651ac15eed08b0573f67af08ebd8567f78e6
6d6cd1bc5c5f6f74a45d532bd75e3fa3ba2bf68de66d8f7d3e4b55a3e5f00576
6e9fafd10b9c075cbd480ddbc7e48b43c24fb0d857277a5af1e967fefdca1c8f
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
712136b0e2652dff75d2c0ed3eb2f4e316de8e58a1c26dfb66c23309ce8b50bf
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
71c0227f48a798f311008a65403bd73ce029c29cce714f97c5c8fe5b4eee8370
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
733fabf50fb55cbe99e96c43cbfc47814539799a07dc71db58c81572bbec2d37
73ce6113dc6c63d07409b2fe76cba0e2c72cbc361f909c4bae223b7258af5ec0
75b8ede7b4966f6085a73ee7cdf54a83c9898d3f8609eff4dd7ff0626a7de56a
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23
7993f6e0cfa068d4670f4abaa1b2c974694337fe1cabfc365bf64c7af739746d
79e62d29fefb53795ce1a8d02e8cfb8d181991a72fedb60974f451680d1bc03a
7b74e863426ec6d947289cf82bef2c667ed3fa7ed1ae3f37e0541be87fcdccda
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7
7c5a777ae5f019ccfc137e41a5ba673f03c52e28538ff33ecd31be1e8741709e
7c64a2e50e17df0de764f7d3ed69a5852bcc5c2bc6367f5e4854a1c10a850ea4
7d409d40452e89d9d370724999a883b2c61e2a38756d16399f5a42b17ffebe74
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
8274a9541622155d88e2a8d5e021724e2bb36cf5d78db3cbc856b068c07e8626
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846aeb819b7aea3f2f12d38321a6c7cf185a9ac4153fbb5014cd4776621239e7
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
85630d06eeee4dd3b42a5acb3b36d88c074c1f730826560a9b262c8694f046d2
8630fd5423bf681eeda0f8debba996c0bb23808b67e028c0c9733b2ee0a66545
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
892fca9247bb47d68b34153f59af473c71e1e16d05d61a94f212432387820867
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd295e68be50a02352f50a968b8d76e6ce5b2754171c6e1ae231e34d6e6e023
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a
911716587002e7918a9bbc3307d19b3d5aea3e3ba505556ae53efb865ac5eb02
912ef6b184dac47e0d58acb8dfa85d752772c7a17a2f20edfbed9ee60f1bfef8
919f42903bb424c247b4a225f4b16b3df0cbff5bae6db237289eea58821271e3
926846273f4dd0ea2ec93638b1470b8c708695bd34cb7a09f1b0bd34e5b2df2d
938986e52476bcf4aaee36477f436632149e842ad418d656afbe6d5d50b9a48d
94c01a67940bac40021f6878c0bed15e78395266e57c4bccbe637285f1469508
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
959d7910198a24212e9e346cd4e5d727064e962efa82bef4a0d4194a0fd91fa6
95c39c3cfa3b86b13a2758d6001727a9f6198240b95c703c854184ab8c49ca52
96f131db63a90ae82dd1bab101e28d3c98e7aa9bf80cd472ca81d471343fd87e
99168b29ca0e1449918a1b50f7394365cb38dfa622b55fe2e5f993bbecb3db0b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f328dec29fc7e02ffaf82674bcdf7570cf55780b064ee59561e42d793aa2f1
9a81f6a513f2d091d2e41d942bd51cf0eb2059fe2c7217702972b985b4f0a1b9
9af9508d25e68d849a04b63411eb788a15aabd08a9eb90660288f6a5cd13cb2f
9b65f9e6f8490065868d7799db46fdd7db35c4b9916bdbab632e801682e40bb1
9c3e558715da41b6c370c4135fc060f94b54168c714d276ebcc962501a1c1d35
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cab7a2588ee09da94299ab1b8c38adacec9e8622e21c01c98e134d7910fa0b8
9efce1167bfa7986ff49c16eeeaeece62a3e9f705829e97885a1f53e8e6a3707
a01d727b698c59261a7ac1a415c4773ecff2574f79144a5662fd9d1ff0c4d80a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a40de02ac15a36a562d8b5364b884154d047e72cca6ce0a4c887d7d69dbf737c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f27ebb0f237a1ae53cfeffa54619fb1c003abd679afb6660ce76e28cbedcad
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73812e57136681708334ad8ba2a99156fed80bd1d9969d7d300ad9733fd0253
a781afb124e4c90d1946015f4301edf1bd75dfb3f5b74a57b6fbb61e71fd3800
a7c9c22b208188ff00e5a8520e95e65aa736a7534ce0bc906b16825bd68069e0
a7ec2f9db815eb2a10ca811cc4c5e8e97db00d6ee58a328d6f0386a5a3ce2dcb
a7f30e418e25a2d6f77cadc8a1476981548b1eb0e153c5d48280348dd8c77051
a9f92c6684a2c007f65da0d7df941089a57323f88b56e1916970dab9ff330751
aa87f164c753fcd9ff3025f95a937a6f7009046c1bcffe1fe714f2b03ccf3648
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
ab96ae870f19374c05af51e7edbc5fd889447fb2d67e55eadf71ddcb88cd08c3
ac5624936c6753cecc0c839defb1b6d85664861de6d57c016bbed64d4d34fa1e
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
ad2c5471459209ba7d7a8390ea9ef631be7d4baa8791c6720efe9f9cbb9d2040
ae969c6eea068030b5470aa722e36fddd5ef6c03e776737e18d850477c914c82
af016586aec330dd4780cb337a771e77965798a265773f55105e77e6a3b57d6b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19c60fa43cb401e392a7df755e73ebf9947ffd6f43e978893a39cfe0f7e74ee
b2306d78b774202daa2ededd0873d1b661cb411331dee4b4f957c94ae4fd2263
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47c4fa5dc6b9452b6c85baa164141a54ecbb53d43f1e1317312f4eeab895a69
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4
b626e525becd9c321151bee2d4e9e70fcf7873f4418c3fcf92359fddf0cf51fc
b6722b1b54d5fcfc1d98924d899a5274c100985fe20e098ef8b3f1459e42d082
b73482ffee8da764f750af1f2419301362c0204901faa9e8ce8eb963e4efdefa
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b935fe4ed1144f31185d68dc69b462ee2dd28ec1b57cd580bfb4765ff0dcfc53
ba7ad249431970601e976ddf2361e9c49b535d586421f6256643a4295a1b5aae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbb9e40b685c8fe25d229b1f9b95bff8805f9f0e94c9f68a847bd19f7eda291
bc0161ac646d29d227691fa974edb1c45866e3e11c16954c2f923d8a9576f57e
bc92c2167eb936b5d5231d4d81429b5aa66c67505b0803555f594aa724cb1d16
bd16acf789ed09630a22c695b91001427d3151e59d58b274bcb37262a8e77e7d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd9127d95f5e7f7da3624ec9e28e1b14e750e0a3baae29ae3d160e324356e318
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be4f858d0a3ad5660f598c4f361546437a459ccc399a6c68a958f7e0003d7994
be7255d813685f0de1613223d8a60eceab095069fa83c62106bb98818faebf95
c17b56f8d87f80bcbf15ec1adbf2f801a4ce4fc2de2fae6d67597a1ec1a152b3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2cc373e3fbad2fae5232f296171808a0d633b056e68e8df237699ce6751cb52
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
c4f62e43764347f7a96f4a243dbc3b79839a9953a756034abe8330597aad0584
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3
c79c43f0651fdf6be32a15cd88006afb7001389fbb3252b44436fa189951d8a0
c7c5b04d3eae534777aede6e509e9abe56e0a624baed603fc660a5f1f4036619
c8344323654a094820e67585d0c4216cb97746f06e4e7b8acd7ee803a8fba010
c8662027f2d18a06c77dfb505e1ce31999817ea9d380aeb81c47b38019bda843
c9955e19568508a719db26d8693da8ca6273a5fc2c06b6cd9e8eca8bb2807318
ca0ccc7b7800ada7ed4c0880382e70db3660597b4d8be6043b4e3069fe3d8d77
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
ce630a87cafe7efd332eae170cd429cb853bdef76526391e26cfad6ae23c644b
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf26ae4b134c741999f2f581d4ab12dd08003c78f0fddbaef7acae1c0ca433b1
cf39a3fb32574c7b3294edff576675f9f84c2dde6d27d2b2016949c2c215cb22
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d0ab89ac7f1a776cd6fbc92b90634b825b9794b13d255b6a49140091ffbd8496
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d238cf37e713cd37b681ff1f0ca1be613ca51e5e515a6f94cc0d7acfc4508b46
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d277594d46cc2ed755905a4b6b428c171b80ac509a4bb929aea2595226939abe
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce
d38a86a905da5cbea86a4ae77747ff15fd5c25f67d9c07315b2ba3d9dc215f5c
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d3a529a2f55a2f0c02cf974f28028cd3a4948ed6486780d68f1496c6d2465b44
d3ef5a5d8f3acdc11f245e42e76c96efecc31d90b4c69e4c8d5556f2692fd591
d467887618aebe445296aa912a3d16e90406208442b13d12bb6b9a94ba47d788
d555fca392acd5f6ff71bc19574806ab99899cb73c48cd0a20fe43c469e219ec
d68ded511b0ec29073be0d212fd6478708778e7175153e06ce973b322f720c5d
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d88eb7dfa5a5960ffb32e82ad1d8fbaff927875188e389f367dce124bce6246a
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807
d8c0d51309ed3b00d274af942505dd1d847d031749c9d5da48685de7746a70c0
d8d141e2588d55caf64536a94190dda4a50ef888c3cba56a0600a0a6b290b1e8
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
db12238e10df0181b6a1a1d65f4b889a70fecfdaea11d7d166781fa0f15bfbab
db28fe433ca2b3f123fab12f4f5321994e683d29b1c936c0475fd2b654003a52
dbdeba132ce046d3751be6c6f07a66665d6cce5d65930a48d158f4993d95c95a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb7f0433654edf2cc706e875202f2c5702c0a28d9771887bf515b675e3b2a94
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
df406c79fb8221135cb4e086d2efb95c5aab7ec98fe4026cb8d77c7c02edb89b
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e145e91c2c1cc72d1f75aa5249b9f04909852fdf994b9ecc66af952c49e82bac
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93
e44e09455a039215e492d806ab0bb302d322de38a7bc95f3e5398c78042be815
e504a8f1e20ca3eaf9040377ccfc8dea2b30ff53b09984c6dbf71029dccfb3ae
e565ad49aa2949fa65c14fda459c98b01cd06a710caba259a67dfe57e1e0bc0c
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e703ada3c86166f1d759fb794f9d256117c842223b68af1d3e96a17479c1e687
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9d4401126316114976a03b5a4cbb6f3afc0c011786c3a78b88c081c84cb17c4
ec06d1dea042e8a925dda7af4f3e285ff3dd7ce3be72844a8c9050075c507249
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecb6dac496818e5be7cd90e371c56c47f61030000872520d6cadc7f345cd5e6f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2438a41c21a5b9dc27ad88d9a8da6ff8c781c946597c66c5001e146dfe38e9
f047d63f14b397d1bf98dab0f94870d11d4b93a84e3e4be46c1a3a116afc1c3f
f0b0df328f4beec729b564e3a3c894daaadb28185d2b91f33af880e35f671bcd
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
f3172e5d863d06983bb8b757ac3964d31fabf43b9028cf39c6b926f1042ac94f
f32da7978fb595713f344ab7b119f6c56b4a8471fa2e634830116594dacba4a5
f515ee2f35036e7e375e60d77a4839fab41037ff1d047c4fc05bbef2fcb02364
f5fa0e0261e1b6abfdd17a7767d708ea66aec6a5dca3d7fb50479c1a56090ab2
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f6ebf5f0869db0aa265cb28fea5e4391cc521999013ea234b525595311feafa9
f71abefcd78fd68407e04fd621bb160475930018d8104a0c974c3f47d5ece6e9
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f83525f16ff835fe5758be6f531ecd5e4efdce465f5935de044f1625a8d0d7b3
f97bf6db89407367c816ade62e16ffed0ffba15c978f5475c2fcb3f3649f3b0d
fa7dcfb7bad66bf0f7e45cebfeeae58e48916a9d7d38884eda50236fb812c338
fabef2a71a1fbb1a908065e2e241e163b8ec00dbdf2a098f6f0411a49546dd4e
facb80d5d3c350600cb817e27f00b0035d63ed77c51eac3cb86dcd25e3fd1918
fb66eb068d2656736193ffde588cb648145440e89dc5673f793c0249dafc11e9
fc12b7cb49c152a52b1a3a29fc12fef3101c7e54ecf620d9c18387bdf316e7d4
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869