Submitted URL: https://upnorthlive.com.admin-eu.cas.ms/
Effective URL: https://upnorthlive.com/
Submission: On April 10 via api from VN

Summary

This website contacted 66 IPs in 10 countries across 80 domains to perform 200 HTTP transactions. The main IP is 152.195.39.7, located in United States and belongs to EDGECAST, US. The main domain is upnorthlive.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 23rd 2020. Valid for: 2 years.
This is the only time upnorthlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.137.137.121 8075 (MICROSOFT...)
3 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
9 152.195.39.7 15133 (EDGECAST)
5 152.195.39.15 15133 (EDGECAST)
4 192.229.163.105 15133 (EDGECAST)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 65.9.66.85 ()
1 2a00:1450:400... 15169 (GOOGLE)
9 13.225.74.23 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 104.111.238.139 16625 (AKAMAI-AS)
2 2606:2800:234... 15133 (EDGECAST)
4 52.85.32.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 184.30.212.16 20940 (AKAMAI-ASN1)
1 35.244.174.68 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
17 52.222.179.8 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 20.40.202.0 8075 (MICROSOFT...)
1 52.222.179.127 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 52.209.12.92 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
1 18.195.221.58 16509 (AMAZON-02)
2 184.30.24.22 16625 (AKAMAI-AS)
1 104.108.48.61 16625 (AKAMAI-AS)
1 213.19.162.41 26667 (RUBICONPR...)
3 8 185.33.223.178 29990 (ASN-APPNEX)
9 52.21.43.22 14618 (AMAZON-AES)
1 52.13.120.19 16509 (AMAZON-02)
1 34.198.105.228 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:9000:214... 16509 (AMAZON-02)
40 54.230.183.51 16509 (AMAZON-02)
2 2 54.174.195.234 14618 (AMAZON-AES)
1 1 46.137.100.162 16509 (AMAZON-02)
1 1 104.244.42.67 13414 (TWITTER)
1 1 208.100.17.172 32748 (STEADFAST)
1 1 208.100.17.190 32748 (STEADFAST)
1 1 154.59.122.74 174 (COGENT-174)
1 1 52.3.51.165 14618 (AMAZON-AES)
1 1 209.240.97.247 40244 (TURNKEY-I...)
5 9 52.206.115.27 14618 (AMAZON-AES)
3 3 46.228.164.11 56396 (TURN)
1 1 54.86.128.41 14618 (AMAZON-AES)
1 1 54.229.183.250 16509 (AMAZON-02)
1 1 34.247.104.176 16509 (AMAZON-02)
1 1 3.212.101.34 14618 (AMAZON-AES)
1 1 13.227.156.67 16509 (AMAZON-02)
1 1 35.241.54.71 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 209.234.224.20 395162 (MOD-PTC)
1 1 52.27.71.113 16509 (AMAZON-02)
1 1 66.81.204.42 40034 (CONFLUENC...)
1 74.121.140.207 30419 (MEDIAMATH...)
1 1 54.67.80.248 16509 (AMAZON-02)
1 1 34.98.64.218 15169 (GOOGLE)
1 104.36.113.45 62713 (AS-PUBMATIC)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.201.113.59 15169 (GOOGLE)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 18.159.182.76 16509 (AMAZON-02)
1 1 2600:9000:207... 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 107.178.244.119 15169 (GOOGLE)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
1 1 54.191.67.155 16509 (AMAZON-02)
1 1 107.178.246.49 15169 (GOOGLE)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 3.212.71.107 14618 (AMAZON-AES)
1 1 199.127.206.102 26120 (RHYTHMONE)
1 1 52.209.235.181 16509 (AMAZON-02)
1 23.235.251.211 19437 (SS-ASH)
1 2 82.196.187.199 25473 (ASN-SYSTE...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 23.218.208.200 16625 (AKAMAI-AS)
3 2600:9000:207... 16509 (AMAZON-02)
1 1 2a05:d018:24:... 16509 (AMAZON-02)
1 34.212.63.181 16509 (AMAZON-02)
2 7 3.64.73.215 16509 (AMAZON-02)
2 208.100.17.180 32748 (STEADFAST)
2 104.111.230.142 16625 (AKAMAI-AS)
1 151.101.129.108 54113 (FASTLY)
2 9 23.218.208.246 16625 (AKAMAI-AS)
2 54.72.59.228 16509 (AMAZON-02)
5 6 142.250.185.162 15169 (GOOGLE)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
2 4 72.21.206.140 16509 (AMAZON-02)
1 1 70.42.32.191 13789 (INTERNAP-...)
1 69.173.144.138 26667 (RUBICONPR...)
1 37.157.4.28 198622 (ADFORM)
1 169.197.150.7 398989 (DEEPINTENT)
200 66
Apex Domain
Subdomains
Transfer
40 truste.com
preferences-mgr.truste.com
31 KB
27 trustarc.com
consent.trustarc.com
consent-pref.trustarc.com
consent-st.trustarc.com
331 KB
12 amgdgt.com
ad.amgdgt.com
cdn.amgdgt.com
124 KB
12 33across.com
ssc.33across.com
optout.33across.com
ssc-cms.33across.com
6 KB
10 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
129 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
22 KB
9 sinclairstoryline.com
static-20.sinclairstoryline.com
static-14.sinclairstoryline.com
static-17.sinclairstoryline.com
sinclairstoryline.com
static-22.sinclairstoryline.com
static-21.sinclairstoryline.com
473 KB
9 upnorthlive.com
upnorthlive.com
600 KB
8 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 googlesyndication.com
pagead2.googlesyndication.com
adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com
tpc.googlesyndication.com
31 KB
8 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
6 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
2 KB
6 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
126 KB
5 lightboxcdn.com
www.lightboxcdn.com
132 KB
4 twitter.com
platform.twitter.com
syndication.twitter.com
analytics.twitter.com
133 KB
3 turn.com
r.turn.com
ad.turn.com
1018 B
3 media.net
prebid.media.net
oba.media.net
contextual.media.net
9 KB
3 google.de
www.google.de
adservice.google.de
adssettings.google.de
2 KB
3 google.com
www.google.com
adservice.google.com
adssettings.google.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 adlightning.com
tagan.adlightning.com
53 KB
3 azureedge.net
mcasproxy.azureedge.net
71 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 indexww.com
js-sec.indexww.com
2 KB
2 criteo.net
static.criteo.net
51 KB
2 tradedoubler.com
publisher.tradedoubler.com
350 B
2 lijit.com
ap.lijit.com
663 B
2 retargetly.com
api.retargetly.com
894 B
2 pubmatic.com
apps.pubmatic.com
cdn.pubmatic.com
5 KB
2 mathtag.com
www.mathtag.com
pixel.mathtag.com
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
509 B
1 deepintent.com
match.deepintent.com
44 B
1 adform.net
c1.adform.net
331 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 yahoo.com
pr-bh.ybp.yahoo.com
852 B
1 bing.com
c.bing.com
444 B
1 sharedid.org
id.sharedid.org
214 B
1 tidaltv.com
ingest.tidaltv.com
221 B
1 cpmstar.com
server.cpmstar.com
1 weborama.com
optout.bigsea.weborama.com
204 B
1 unrulymedia.com
optout-service.unrulymedia.com
129 B
1 thrtle.com
optout.thrtle.com
187 B
1 tapad.com
privacy.tapad.com
143 B
1 steelhousemedia.com
optout.steelhousemedia.com
371 B
1 sojern.com
pixel.sojern.com
200 B
1 rfihub.com
oo.rfihub.com
245 B
1 sharethis.com
nai.sharethis.com
456 B
1 w55c.net
i.w55c.net
496 B
1 mediaforge.com
optout.mediaforge.com
410 B
1 quantserve.com
pixel.quantserve.com
223 B
1 contextweb.com
bh.contextweb.com
288 B
1 openx.net
u.openx.net
152 B
1 postrelease.com
jadserve.postrelease.com
396 B
1 knorex.com
partner.knorex.com
348 B
1 wsod.com
ad.wsod.com
383 B
1 eyereturn.com
privacy.eyereturn.com
272 B
1 company-target.com
segments.company-target.com
402 B
1 crsspxl.com
optout.crsspxl.com
349 B
1 ml314.com
ml314.com
413 B
1 bidr.io
optout.prod.bidr.io
369 B
1 apolloprogram.io
apolloprogram.io
235 B
1 alphonso.tv
optout.alphonso.tv
272 B
1 ipredictive.com
my.ipredictive.com
124 B
1 acuityplatform.com
acuityplatform.com
321 B
1 tynt.com
optout.tynt.com
489 B
1 thebrighttag.com
s.thebrighttag.com
390 B
1 app.link
app.link
495 B
1 gstatic.com
fonts.gstatic.com
14 KB
1 truste-svc.net
prefmgr-cookie.truste-svc.net
2 KB
1 userway.org
api.userway.org
813 B
1 yieldmo.com
ads.yieldmo.com
225 B
1 azurewebsites.net
lightboxapi.azurewebsites.net
733 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 googletagservices.com
www.googletagservices.com
21 KB
1 googletagmanager.com
www.googletagmanager.com
31 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 cas.ms
upnorthlive.com.admin-eu.cas.ms
836 B
0 mxptint.net Failed
optout.mxptint.net Failed
200 80
Domain Requested by
40 preferences-mgr.truste.com upnorthlive.com.admin-eu.cas.ms
www.mathtag.com
cdn.pubmatic.com
ad.amgdgt.com
17 consent-pref.trustarc.com tagan.adlightning.com
consent-pref.trustarc.com
upnorthlive.com.admin-eu.cas.ms
prefmgr-cookie.truste-svc.net
9 ad.amgdgt.com 5 redirects upnorthlive.com.admin-eu.cas.ms
ad.amgdgt.com
9 ssc.33across.com ads.rubiconproject.com
9 consent.trustarc.com upnorthlive.com
consent.trustarc.com
consent-pref.trustarc.com
9 upnorthlive.com upnorthlive.com
static-21.sinclairstoryline.com
8 ib.adnxs.com 3 redirects ads.rubiconproject.com
eb2.3lift.com
acdn.adnxs.com
7 eb2.3lift.com 2 redirects ads.rubiconproject.com
eb2.3lift.com
6 cm.g.doubleclick.net 5 redirects eb2.3lift.com
5 www.lightboxcdn.com upnorthlive.com
www.lightboxcdn.com
tagan.adlightning.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 c.amazon-adsystem.com static-21.sinclairstoryline.com
c.amazon-adsystem.com
4 sinclairstoryline.com upnorthlive.com
sinclairstoryline.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 cdn.amgdgt.com ad.amgdgt.com
3 tpc.googlesyndication.com tagan.adlightning.com
3 gum.criteo.com 1 redirects tagan.adlightning.com
3 sb.scorecardresearch.com 1 redirects upnorthlive.com
3 www.google-analytics.com upnorthlive.com
www.google-analytics.com
3 tagan.adlightning.com upnorthlive.com
tagan.adlightning.com
3 mcasproxy.azureedge.net upnorthlive.com.admin-eu.cas.ms
mcasproxy.azureedge.net
2 match.adsrvr.org eb2.3lift.com
ssum-sec.casalemedia.com
2 js-sec.indexww.com ads.rubiconproject.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
2 ssc-cms.33across.com ads.rubiconproject.com
2 static.criteo.net ads.rubiconproject.com
static.criteo.net
2 publisher.tradedoubler.com 1 redirects
2 ap.lijit.com 2 redirects
2 api.retargetly.com 2 redirects
2 r.turn.com 2 redirects
2 beacon.lynx.cognitivlabs.com 2 redirects
2 mug.criteo.com upnorthlive.com
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 platform.twitter.com static-21.sinclairstoryline.com
platform.twitter.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 c1.adform.net ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 b1sync.zemanta.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 c.bing.com eb2.3lift.com
1 contextual.media.net ads.rubiconproject.com
1 acdn.adnxs.com ads.rubiconproject.com
1 id.sharedid.org ads.rubiconproject.com
1 ingest.tidaltv.com 1 redirects
1 cdn.pubmatic.com apps.pubmatic.com
1 pixel.mathtag.com 1 redirects
1 server.cpmstar.com
1 optout.bigsea.weborama.com 1 redirects
1 optout-service.unrulymedia.com 1 redirects
1 optout.thrtle.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 privacy.tapad.com 1 redirects
1 optout.steelhousemedia.com 1 redirects
1 pixel.sojern.com 1 redirects
1 oo.rfihub.com 1 redirects
1 nai.sharethis.com 1 redirects
1 i.w55c.net 1 redirects
1 optout.mediaforge.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 bh.contextweb.com 1 redirects
1 apps.pubmatic.com upnorthlive.com.admin-eu.cas.ms
1 u.openx.net 1 redirects
1 jadserve.postrelease.com 1 redirects
1 www.mathtag.com upnorthlive.com.admin-eu.cas.ms
1 oba.media.net 1 redirects
1 partner.knorex.com 1 redirects
1 ad.wsod.com 1 redirects
1 adssettings.google.de 1 redirects
1 adssettings.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 privacy.eyereturn.com 1 redirects
1 segments.company-target.com 1 redirects
1 optout.crsspxl.com 1 redirects
1 ml314.com 1 redirects
1 optout.prod.bidr.io 1 redirects
1 apolloprogram.io 1 redirects
1 optout.alphonso.tv 1 redirects
1 my.ipredictive.com 1 redirects
1 acuityplatform.com 1 redirects
1 optout.tynt.com 1 redirects
1 optout.33across.com 1 redirects
1 analytics.twitter.com 1 redirects
1 s.thebrighttag.com 1 redirects
1 app.link 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com tagan.adlightning.com
1 adservice.google.com tagan.adlightning.com
1 adservice.google.de tagan.adlightning.com
1 prefmgr-cookie.truste-svc.net upnorthlive.com.admin-eu.cas.ms
1 api.userway.org sinclairstoryline.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 htlb.casalemedia.com ads.rubiconproject.com
1 prebid.media.net ads.rubiconproject.com
1 tlx.3lift.com ads.rubiconproject.com
1 bidder.criteo.com ads.rubiconproject.com
1 ads.yieldmo.com ads.rubiconproject.com
1 www.google.de upnorthlive.com
1 www.google.com upnorthlive.com
1 consent-st.trustarc.com consent-pref.trustarc.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 syndication.twitter.com platform.twitter.com
1 idsync.rlcdn.com upnorthlive.com
1 ads.rubiconproject.com static-21.sinclairstoryline.com
1 www.googletagservices.com static-21.sinclairstoryline.com
1 www.googletagmanager.com upnorthlive.com
1 fonts.googleapis.com static-20.sinclairstoryline.com
1 static-21.sinclairstoryline.com upnorthlive.com
1 static-22.sinclairstoryline.com upnorthlive.com
1 static-17.sinclairstoryline.com upnorthlive.com
1 static-14.sinclairstoryline.com upnorthlive.com
1 static-20.sinclairstoryline.com upnorthlive.com
1 upnorthlive.com.admin-eu.cas.ms
0 optout.mxptint.net Failed upnorthlive.com.admin-eu.cas.ms
200 117

This site contains no links.

Subject Issuer Validity Valid
MCAS
Mcas Root CA
2021-04-09 -
2021-04-10
a day crt.sh
*.azureedge.net
DigiCert SHA2 Secure Server CA
2020-11-21 -
2021-11-30
a year crt.sh
kval.com
DigiCert SHA2 Secure Server CA
2020-04-23 -
2022-05-25
2 years crt.sh
*.sinclairstoryline.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-03 -
2022-01-03
a year crt.sh
ssl516460.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2021-04-06 -
2021-10-13
6 months crt.sh
*.adlightning.com
Amazon
2020-07-22 -
2021-08-22
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01
2020-09-28 -
2021-09-28
a year crt.sh
www.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
www.google.de
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
*.yieldmo.com
Amazon
2020-06-23 -
2021-07-23
a year crt.sh
*.3lift.com
Amazon
2020-07-04 -
2021-08-05
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2020-02-25 -
2021-05-26
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-01 -
2021-09-30
2 years crt.sh
api.userway.org
Amazon
2020-12-02 -
2021-12-31
a year crt.sh
*.truste-svc.net
Go Daddy Secure Certificate Authority - G2
2020-04-25 -
2022-06-23
2 years crt.sh
*.google.de
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.truste.com
Amazon
2021-02-16 -
2022-03-17
a year crt.sh
*.amgdgt.com
Amazon
2020-11-22 -
2021-12-21
a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA
2020-04-15 -
2022-04-22
2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
server.cpmstar.com
Go Daddy Secure Certificate Authority - G2
2020-06-30 -
2022-09-18
2 years crt.sh
*.tradedoubler.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-09 -
2022-02-09
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
id.sharedid.org
Amazon
2021-01-08 -
2022-02-06
a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-16 -
2022-03-17
a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-01-19 -
2021-07-19
6 months crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh

This page contains 58 frames:

Primary Page: https://upnorthlive.com/
Frame ID: 5167AD60134548114E3B34E3C4C33DFD
Requests: 85 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
Frame ID: A6F5C3F26A1C3725D62755D231B1C261
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fupnorthlive.com
Frame ID: 469F93ECAF933AA8143D53F30C3FCB07
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: A66EE19DEDE6150ED50CE1A5B698BCAF
Requests: 21 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Frame ID: CEA367BBF155F8CDCAC4B10B09AD4BB2
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: B0F75CE7C52D3C13F0826BF7382ED355
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 76083B64899DDF2366DEE28B3D04AB03
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 63068779606DBA970436DD4ACA88D883
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/816/1-0
Frame ID: 44C87C15E2A37E6AA85F72117DCDEA79
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/766/1-0
Frame ID: 7ABF45182EEFE571F5C126AB53D092D0
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/519/1/0
Frame ID: A90BFDE392FDF9EDE9A21272738B0D73
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
Frame ID: E43498B6CFCA5ADAD7BBF2C7C9D73D2B
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
Frame ID: 0577616D909BED239289947090CFC664
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
Frame ID: 464EE99C82B019465E0F23268B870520
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Frame ID: DE3DD48B63E1D598CBE49D44E76B944D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/642/1/adelphic
Frame ID: 61950AF3E809EFD4C11FADE3C72CFF75
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/768/1
Frame ID: A496A0DA5CFEBC243C472C18FDD97FB1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/636/2/90827426468215186874/
Frame ID: 989EE0F6B55E763075AF5B8F06FB07AA
Requests: 8 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/713/1-2/
Frame ID: 4520B6626169EA8B9D7B289DC1562A88
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/559/1-0/153050528/
Frame ID: 5BF303BE1B8CA50A38FE0AD0978D964C
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
Frame ID: 931A263B31233C19841604E1AD434063
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Frame ID: 89AE44DF3D7683A492BE77E84F554B6F
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/392/1/253614
Frame ID: 1F0B649BF8F18047F85386A551E3344D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/762/1-0/
Frame ID: C336D201CB1999385723B681105861FD
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/813/1/0/
Frame ID: 331A82BAB3D8319F703647DA6E855988
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
Frame ID: 24E37385499A5B528F74E261BA03A7A3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Frame ID: 53AAF8FFE7F25D11450A8F4BF1078763
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
Frame ID: 0E5EC9C14492C8F53725BB65579E7423
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Frame ID: 2EE5F8AC88A109CBE0C6D9DE6BC8EA58
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Frame ID: C6040EBF1A8CBA1AF64AA582207B570D
Requests: 2 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/755/3/
Frame ID: 4C6C341CCD5B6D39D4FA6E1B73A98E16
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/765/1/1618015992/
Frame ID: 63CFE19A3F4614624DABCF2F13CC72B2
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/
Frame ID: 33904953AA1B1D435198E4B2C1FB08E1
Requests: 3 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
Frame ID: 5305E09EA251966887410D1259C57D24
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
Frame ID: 69367474800A6C09E6987DBA7082B180
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
Frame ID: C18CA29227C54D74012C26689FA0DFD5
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/497/1-0/0
Frame ID: 2D38B8361906A31C0B59E7C059D15876
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/831/1-1/909786677
Frame ID: 97B296ECAE46CE6D3B80C53331865AF3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/835/1/42/
Frame ID: 1F9A1EA5260A15B5A31778F0FFCD34E3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/729/1/dummy_token/
Frame ID: 95F3859CF725D38C17F194FF4087B57A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
Frame ID: 2FDAB1B81929976EE2451F7E65F3D732
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/742/1/
Frame ID: 8BF1B434228F5148B2F470DE3C69EB6F
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
Frame ID: 5E89E7BD19CBDD259D6AE23A45B0CD6E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
Frame ID: 85C1AD25C0F93B134E206B0681185BDE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
Frame ID: 0D96D1B001C98C7F01573A298C36C4D7
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/770/1-0/rbti
Frame ID: F6D955E4A479134B7269E60415F579F0
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Frame ID: B40F2A3B27C2D36F1FC5F5837E6D560F
Requests: 1 HTTP requests in this frame

Frame: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3
Frame ID: B95B228D03A314D3C2910361FDBDBE48
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/747/1-0/csrf
Frame ID: 857BDFA429F089EE4D937ADC15A705EF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=upnorthlive.com
Frame ID: 24C5613BE76E279A3971640FF9DF2A4C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: DCFB8B83105CFF8B91091A90A86201A6
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c0L0awECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: FEC357C29735BEB2F00815A279DF94C5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cXBL-QECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: B6856602538EFFB97A9BD55167F63784
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F562BFA3E13990C85EA30BF24A4332B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D267ABBEECA3987A6639E24EDB79C757
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 0BDCC0487A540C22E20F7F3899BAF72E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 23F6421B63514DDE8F4A8C3E8E939654
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4B39D54A472C75C2A671B81894D4335C
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://upnorthlive.com.admin-eu.cas.ms/ Page URL
  2. https://upnorthlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

200
Requests

99 %
HTTPS

27 %
IPv6

80
Domains

117
Subdomains

66
IPs

10
Countries

2464 kB
Transfer

6953 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://upnorthlive.com.admin-eu.cas.ms/ Page URL
  2. https://upnorthlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://sb.scorecardresearch.com/b?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&cs_ak_ss=1
Request Chain 61
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2
Request Chain 110
  • https://app.link/nai-optout?action_id=3&participant_id=816&rd=https://preferences-mgr.truste.com&nocache=0.4846240146080738 HTTP 302
  • https://preferences-mgr.truste.com/token/816/1-0
Request Chain 111
  • https://beacon.lynx.cognitivlabs.com/daa/webchoices?action_id=3&participant_id=766&rd=https://preferences-mgr.truste.com/&nocache=0.41864297959787167 HTTP 302
  • https://preferences-mgr.truste.com//token/766/1-0
Request Chain 112
  • https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8145193791572358 HTTP 307
  • https://preferences-mgr.truste.com/token/519/1/0
Request Chain 113
  • https://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&participant_id=716&rd=https://preferences-mgr.truste.com&nocache=0.11421449788949589 HTTP 307
  • https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
Request Chain 114
  • https://optout.33across.com/api/?action_id=3&participant_id=258&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.06538139145014288 HTTP 302
  • https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
Request Chain 115
  • https://optout.tynt.com/api/?action_id=3&participant_id=488&rd=https://preferences-mgr.truste.com&nocache=0.6576183614530995 HTTP 302
  • https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
Request Chain 116
  • https://acuityplatform.com/Adserver/nai?action_id=3&participant_id=383&rd=https://preferences-mgr.truste.com&nocache=0.44836625930660445 HTTP 302
  • https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Request Chain 117
  • https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.3188222102175231 HTTP 302
  • https://preferences-mgr.truste.com/token/642/1/adelphic
Request Chain 118
  • https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.6205378461417315 HTTP 302
  • https://preferences-mgr.truste.com/token/768/1
Request Chain 119
  • https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405 HTTP 302
  • https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Request Chain 120
  • https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.2909998417829094 HTTP 302
  • https://preferences-mgr.truste.com/token/713/1-2/
Request Chain 121
  • https://apolloprogram.io/optout?action_id=3&participant_id=559&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.28212396017279096 HTTP 302
  • https://preferences-mgr.truste.com/token/559/1-0/153050528/
Request Chain 122
  • https://optout.prod.bidr.io/optout?action_id=3&participant_id=574&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.4873849742633807 HTTP 302
  • https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
Request Chain 123
  • https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9929598322169366 HTTP 302
  • https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Request Chain 124
  • https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.5501910891399684 HTTP 302
  • https://preferences-mgr.truste.com//token/392/1/253614
Request Chain 125
  • https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.3638758641323159 HTTP 302
  • https://preferences-mgr.truste.com/token/762/1-0/
Request Chain 126
  • https://privacy.eyereturn.com/coop?action_id=3&participant_id=813&rd=https://preferences-mgr.truste.com/&nocache=0.19510148468161792 HTTP 302
  • https://preferences-mgr.truste.com//token/813/1/0/
Request Chain 127
  • https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.3706910843929323 HTTP 302
  • https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8RHMMBDGKwdsXLc2WRRFA4-BWRWFvCJiMU1odRc5aDoZ9Y9isoF&status=1 HTTP 302
  • https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8RHMMBDGKwdsXLc2WRRFA4-BWRWFvCJiMU1odRc5aDoZ9Y9isoF&status=1&ipr=y HTTP 302
  • https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
Request Chain 128
  • https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.6212910339735191 HTTP 302
  • https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Request Chain 129
  • https://partner.knorex.com/oba/api/aboutads?action_id=3&participant_id=641&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6506654505994021 HTTP 302
  • https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
Request Chain 130
  • https://oba.media.net/nai.php?action_id=3&participant_id=454&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8208618069712379 HTTP 302
  • https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Request Chain 132
  • https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.6300195753410418 HTTP 302
  • https://preferences-mgr.truste.com/token/755/3/
Request Chain 133
  • https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.544747758019497 HTTP 302
  • https://preferences-mgr.truste.com/token/765/1/1618015992/
Request Chain 135
  • https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.15411385081511653 HTTP 302
  • https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
Request Chain 136
  • https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6304568669858734 HTTP 302
  • https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
Request Chain 137
  • https://optout.mediaforge.com/nai/mediaforge/optout?action_id=3&participant_id=758&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7220065886007279 HTTP 302
  • https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
Request Chain 138
  • https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.7375084932384992 HTTP 302
  • https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.7375084932384992&_rlid=258e9fa9-3549-47c2-9e5b-7d393bf33b3b HTTP 302
  • https://preferences-mgr.truste.com//token/497/1-0/0
Request Chain 139
  • https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.31802074119693 HTTP 302
  • https://preferences-mgr.truste.com/token/831/1-1/909786677
Request Chain 140
  • https://nai.sharethis.com/?action_id=3&participant_id=835&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9107635042222395 HTTP 302
  • https://preferences-mgr.truste.com/token/835/1/42/
Request Chain 141
  • https://oo.rfihub.com/nai.gif?action_id=3&participant_id=729&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7469728027786195 HTTP 302
  • https://preferences-mgr.truste.com/token/729/1/dummy_token/
Request Chain 142
  • https://pixel.sojern.com/optout/do?action_id=3&participant_id=604&rd=https://preferences-mgr.truste.com&nocache=0.16242486217168906 HTTP 307
  • https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
Request Chain 143
  • https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.6236276668704173 HTTP 302
  • https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com HTTP 302
  • https://preferences-mgr.truste.com/token/742/1/
Request Chain 144
  • https://optout.steelhousemedia.com/nai?action_id=3&participant_id=375&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.11865885943287324 HTTP 302
  • https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
Request Chain 145
  • https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.87285952209917 HTTP 303
  • https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
Request Chain 146
  • https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3363509881467939 HTTP 302
  • https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
Request Chain 147
  • https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.37617324718308165 HTTP 302
  • https://preferences-mgr.truste.com/token/770/1-0/rbti
Request Chain 148
  • https://optout-service.unrulymedia.com/opt-out?action_id=3&participant_id=783&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6600020666555269 HTTP 302
  • https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Request Chain 149
  • https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.35124559906811004 HTTP 302
  • https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3
Request Chain 150
  • https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0033268862255300125 HTTP 302
  • https://preferences-mgr.truste.com/token/747/1-0/csrf
Request Chain 152
  • https://publisher.tradedoubler.com/public/setBlockTargetingCookie.action?nocache=0.33375387040545257 HTTP 302
  • https://publisher.tradedoubler.com/public/targetingCookieInformation.action
Request Chain 157
  • https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Ffb0rnm5g5tn05v7grfm9umd5o6%2F HTTP 302
  • https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Request Chain 163
  • https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-419943423911395328%26pf%3Damg%26st%3D HTTP 302
  • https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-419943423911395328&pf=amg&st=nt HTTP 302
  • https://cdn.amgdgt.com/base/pixels/transparent.gif
Request Chain 164
  • https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D5534732271616%26pf%3Dturn%26st%3D HTTP 302
  • https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=5534732271616&pf=turn&st=t HTTP 302
  • https://cdn.amgdgt.com/base/pixels/transparent.gif
Request Chain 165
  • https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D7385421516%26pf%3Dvid%26st%3D HTTP 302
  • https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=7385421516&pf=vid&st=nt HTTP 302
  • https://cdn.amgdgt.com/base/pixels/transparent.gif
Request Chain 168
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 176
  • https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 179
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=
Request Chain 181
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2028676289241410892?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883
Request Chain 182
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 183
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2028676289241410892 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t
Request Chain 184
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 187
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 189
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHD2-PGrZHEfrkGs5ZO5PQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1
Request Chain 193
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972
Request Chain 195
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997

200 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
upnorthlive.com.admin-eu.cas.ms/
1012 B
836 B
Document
General
Full URL
https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
4b2c7b26bc96741ad437b155a08a1c9041f449315adbce690dc7389b406fd896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
upnorthlive.com.admin-eu.cas.ms
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
server
openresty
date
Sat, 10 Apr 2021 00:53:07 GMT
x-mcas-request-id
e77c05961934db9f78e0cb7189a74a20
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=31536000
x-mcas-upstream-time
n/a
x-mcas-processing-time
2
content-encoding
gzip
x-mcas-cache-status
MISS
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/0.196.29/js/
5 KB
5 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/0.196.29/js/session-context-store-helper.min.js
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer
https://upnorthlive.com.admin-eu.cas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 10 Apr 2021 00:53:07 GMT
last-modified
Thu, 04 Mar 2021 10:58:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
npsIWjlCWsd9fFNnNdaKMw==
etag
0x8D8DEFC64751E17
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3f7fd6b0-801e-0122-4759-137cb7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=3792
x-ms-version
2009-09-19
content-length
4994
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/0.196.29/html/ Frame A6F5
281 B
727 B
Document
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method
GET
:authority
mcasproxy.azureedge.net
:scheme
https
:path
/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com.admin-eu.cas.ms/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com.admin-eu.cas.ms/

Response headers

content-length
281
content-type
text/html
content-md5
vDuuGHIdcY/gQtnraxH9qw==
last-modified
Thu, 04 Mar 2021 10:54:11 GMT
etag
0x8D8DEFBD7F80B80
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
617dcb6b-801e-0087-5259-1301fb000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cache-control
public, max-age=7035
date
Sat, 10 Apr 2021 00:53:07 GMT
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/0.196.29/js/ Frame A6F5
64 KB
65 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/0.196.29/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a55b1cbb17117e8456b5637969d4d6d7ede32d26e4abbce0afcb08476eba2028

Request headers

Referer
https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 10 Apr 2021 00:53:07 GMT
last-modified
Thu, 04 Mar 2021 10:58:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
BzcPIa97Vbx2Zexftrl+Xw==
etag
0x8D8DEFC642A72AE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2549c35c-e01e-00d8-4b59-13f305000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1
x-ms-version
2009-09-19
content-length
65920
Primary Request /
upnorthlive.com/
518 KB
519 KB
Document
General
Full URL
https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
8140ad7808211f9a5a88486ee37093f52e4358c6160d794cda8628611a9547a7

Request headers

:method
GET
:authority
upnorthlive.com
:scheme
https
:path
/?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://upnorthlive.com.admin-eu.cas.ms/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com.admin-eu.cas.ms/

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
max-age=60
content-type
text/html; charset=UTF-8
date
Sat, 10 Apr 2021 00:53:07 GMT
etag
9d007c50-5598-4ccb-ab81-b91efda21d5a
expires
Sat, 10 Apr 2021 00:54:10 GMT
if-none-match
9d007c50-5598-4ccb-ab81-b91efda21d5a
sbg-11
7.6.2020T1253
sbgi-1
Production
sbgi-10
true
sbgi-5
true
sbgi-6_5
03.13.20T1242
sbgi-6_6
03.13.20T1242
sbgi-6_7
03.13.20T1242
sbgi-7a
03.13.20T1242
sbgi-9
true
sbgi-device
NoSmartphone
sbgi-protocol
https
sbgi-realpath
/renderer/upnorthlive/
sbgi-rendertime
Apr-10-2021 00:53:10
server
Apache/2.4.7 (Ubuntu)
set-cookie
laravel_session=eyJpdiI6Imt1U1kydHV6alludTZOaDUrMUhXS0E9PSIsInZhbHVlIjoiYnZzSjlkXC90Mm1pU3lZV2M4UStHSmJJTCs1ZFlQUERCVEcwTjRrT2QzZm5BdTAyUzMzM2FlY0ROK0JMamNzaFVnTjhjdWQwU0ZnSmNCb05KcXNvdmtnPT0iLCJtYWMiOiI3NjIyZTkyMDQ4Y2IxMGY3ZTM3ZTBmYjQzZWExNTVkNzYxYzNiYzk3ZmM1NWRhNDA1NjY0Y2NlODI4OTM1MmE0In0%3D; expires=Sat, 10-Apr-2021 02:53:10 GMT; Max-Age=7200; path=/; httponly
common.css
static-20.sinclairstoryline.com/resources/assets/common/fonts/open-sans/
630 B
662 B
Stylesheet
General
Full URL
https://static-20.sinclairstoryline.com/resources/assets/common/fonts/open-sans/common.css?_=2021-04-05T18-26Z
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
b686e3e2a293833a4692aabe20e2e61115fafc0a4df592641e07d0eefb64f484

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
age
631
x-cache
HIT
sbgi-resource
c
x-amz-request-id
1V9W1FQ3J4B88HNX
x-amz-id-2
Wp3PGCi3jV4mNw7G0lDPHOjpULvhqxqH0VcMnKcX7euJOp/gIblcq4xwFY15ffobssK2+eA1VS4=
accept-ranges
bytes
last-modified
Thu, 12 Apr 2018 21:07:15 GMT
server
ECS (frb/6725)
etag
"96a7ea31ff8f8fce2c4c23e349c39651+gzip"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=3600
content-length
324
content-type
text/css
expires
Sat, 10 Apr 2021 01:53:10 GMT
privacyUtils.js
static-14.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/
6 KB
2 KB
Script
General
Full URL
https://static-14.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/privacyUtils.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D6) /
Resource Hash
0377374a761dcbc940ce09a8bddca342bf82ab59aa7e03dd290f2db39a4132ac

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
age
367336
x-cache
HIT
x-amz-replication-status
FAILED
sbgi-resource
b
content-length
2158
x-amz-id-2
CrXvszObT31R8Wu15DZ9dWYj8gTnG5h71sc3Qzkcw3Y3ODhmLmM/O0mdql7GpDumTmnLLOtjanM=
last-modified
Mon, 05 Apr 2021 18:42:45 GMT
server
ECS (frb/67D6)
x-amz-request-id
GAXYHQEJ6J3QVP4K
etag
"b50578d7e22cade8f7196666db297922"
vary
Accept-Encoding
x-amz-version-id
uKAI9tOWB0m5TP3ghYZfqkzY6G.ycyCp
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 10 Apr 2022 00:53:10 GMT
ads.js
static-17.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/
347 B
640 B
Script
General
Full URL
https://static-17.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/ads.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
1666b41d1d6fb7ba772113768f30b4b59a7494633f656ff4b12fe2a410c6c9ee

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
age
367336
x-cache
HIT
x-amz-replication-status
FAILED
sbgi-resource
b
content-length
244
x-amz-id-2
/N2wplq/WtxsYuak0KrSOceoy9oMuRUhvS4RbEByoPdrGqSkaaUAR3z58nc5kKMa7vcqXCsoYcU=
last-modified
Mon, 05 Apr 2021 18:42:40 GMT
server
ECS (frb/675D)
x-amz-request-id
GAXY7HSXD5PW4VBS
etag
"05c0c76ac74869e90bd410e8300d42e5"
vary
Accept-Encoding
x-amz-version-id
73Rc7fKg1ejXp491GMAkpoI4APvcJ5y3
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 10 Apr 2022 00:53:10 GMT
player.js
upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/
7 KB
3 KB
Script
General
Full URL
https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
7f48469648e59b2f575ad2ae883c9627e1956540594edc21aacf991f85d84bd3

Request headers

Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
sbgi-5
true
age
92142
sbgi-13
d
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-qs
_=2021-04-05T18-26Z
sbgi-9
true
content-length
2378
x-amz-id-2
wqYZQTk/gWX/eCI1neZIqofPI8RZkJkzlLxe6MMqsGbKIUgBClwMfQPcwGqx+sqeS6dP9Fk7wtI=
sbgi-protocol
https
sbgi-10
true
last-modified
Wed, 24 Mar 2021 23:19:28 GMT
server
ECS (frb/6794)
etag
"00fb2c21c0e6e80e523134fc454fcfec+gzip"
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
x-amz-request-id
3P4D04VRHSN6PBAC
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=604800
x-amz-version-id
SBbuyIXFife8L45vlZo4.9uiU9322DAb
sbgi-1
Production
sbgi-6_5
03.13.20T1242
content-type
application/javascript
expires
Sat, 17 Apr 2021 00:53:10 GMT
widget.js
sinclairstoryline.com/resources/defaults/userway/
1 KB
1 KB
Script
General
Full URL
https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-04-05T18-26Z
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D05) /
Resource Hash
8ff62030ec15826d5df76673030a7722e255ccd09fe2de0fb04c5018f5e02689

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
sbgi-ssl-all
0Min
age
21737
x-cache
HIT
sbgi-fm-mb
NIE
content-length
676
x-amz-id-2
oBE+HqNmLoEQfQ3J6+GDEl9T4TS3Q26p6PL+/hY4q0USRh1b2GX/pc/0M1IyB8u0vWukqQvB2Fg=
sbgi-bypass-cache-cookie
SPA
last-modified
Mon, 08 Feb 2021 18:25:06 GMT
server
ECS (nyb/1D05)
cache-control
max-age=3600
etag
"6b60b57afed873c7118f08185b5e2ded+gzip"
vary
Accept-Encoding
x-amz-meta-replication-status
FAILED
x-amz-request-id
7V8RZS81WGJZQ01H
access-control-allow-origin
*
sbgi-security
StorylineApplication
x-amz-version-id
LERj_HbTvhAdKINBta1Q1N.8IrmgQ11H
x-amz-meta-version-id
6n3msFMhAfCO.VxzkWYc3kd2tATtZkdZ
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Apr 2021 01:53:11 GMT
lightbox_sinclair.js
www.lightboxcdn.com/static/
6 KB
3 KB
Script
General
Full URL
https://www.lightboxcdn.com/static/lightbox_sinclair.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0d17e305184462011635445935a531dc59d96d27365188bf15122252ef6c30

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C7dbFkbDxOGaBExAcWWwuA==
age
22504
cf-polished
origSize=7047
x-ms-meta-cbmodifiedtime
Fri, 09 Apr 2021 18:36:20 GMT
last-modified
Fri, 09 Apr 2021 18:37:56 GMT
cf-request-id
095addcc76000097a2e38d8000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
x-ms-request-id
00ae1db9-c01e-00fc-046f-2d6b5e000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
63d7ff272bb597a2-FRA
expires
Sun, 10 Apr 2022 00:53:10 GMT
op.js
tagan.adlightning.com/sinclair/
40 KB
14 KB
Script
General
Full URL
https://tagan.adlightning.com/sinclair/op.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.85 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
747bc8ae0549fa92f0014a533d517ba9c0019a02b90a50617450fcf409d2e2d7

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
blATe71MBhTyeWv_g.NlfjNrREqeF_f8
content-encoding
gzip
etag
"36422be4c3b1f92bafede6cd12fbbc82"
age
821
x-cache
Hit from cloudfront
content-length
14247
x-amz-meta-git_commit
49c6f47
last-modified
Fri, 09 Apr 2021 20:47:30 GMT
server
AmazonS3
date
Sat, 10 Apr 2021 00:39:30 GMT
content-type
application/javascript
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
CKJC-Lllg4A143GPl7YbOMLSJMCUJbYdGAA90ql1xXnjCZa2QGFN4Q==
presentations-home_v1.min.css
static-22.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_css/
367 KB
42 KB
Stylesheet
General
Full URL
https://static-22.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_css/presentations-home_v1.min.css
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
d271475996f1116e769492318370e47c2c3bd8b31f76af2bab2398a443025012

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
age
322463
x-cache
HIT
x-amz-replication-status
FAILED
sbgi-resource
b
content-length
43051
x-amz-id-2
5NGfawS2usayXHOJWqdHwiyrGudP0b3RfaL31VoZW3WjBWdGzhq4zYdCV+7qNw0XM0JfKWYFxZ0=
last-modified
Mon, 05 Apr 2021 18:42:35 GMT
server
ECS (frb/6772)
x-amz-request-id
HA1KCDRMX47FD6RA
etag
"cb25e7b79cc747f3828fc69b800a9e92"
vary
Accept-Encoding
x-amz-version-id
55o3Y.WR_bvyN6cdY0ySjXKOCSc9h3dO
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Sun, 10 Apr 2022 00:53:10 GMT
presentations-home_v1.min.js
static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/
1 MB
403 KB
Script
General
Full URL
https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
9d70c582c2d363673895b9ecaca7073d1551922cec23e54741c2aac192180c7d

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
age
322463
x-cache
HIT
x-amz-replication-status
FAILED
sbgi-resource
b
content-length
411722
x-amz-id-2
1a7aIguDI7ImpdYpaIeGd3/Y9tpqPcw/Z8gippRNi6nI2c9FCD5XJjdyt5FMfCU1PioceSJw/5Q=
last-modified
Mon, 05 Apr 2021 18:42:42 GMT
server
ECS (frb/67BE)
x-amz-request-id
HA1QXGE6FGGQJ4ZM
etag
"d729877d4f0cf67ce9e8a0f7c41d9759"
vary
Accept-Encoding
x-amz-version-id
7ikYQpIK7_W8DKECO8xwe2Uwj9WVq2Nf
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 10 Apr 2022 00:53:10 GMT
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800
Requested by
Host: static-20.sinclairstoryline.com
URL: https://static-20.sinclairstoryline.com/resources/assets/common/fonts/open-sans/common.css?_=2021-04-05T18-26Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ef50a13371119fd9955296ba0de5395196888719ea9b2954817329b4f4bf66e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://static-20.sinclairstoryline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 22:54:07 GMT
server
ESF
date
Sat, 10 Apr 2021 00:53:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Apr 2021 00:53:10 GMT
notice
consent.trustarc.com/
9 KB
4 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4de849272e972f7e1c1e63a27b30431024b425886fc348b69dc7ce13f354fde0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
3510
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
9h17FrVViotmUEJK-qJNadJfvvSN0naQjky2YklqrggY2TfMXP1juA==
expires
Sat, 10 Apr 2021 01:53:10 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3851
date
Fri, 09 Apr 2021 23:48:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 10 Apr 2021 01:48:59 GMT
gtm.js
www.googletagmanager.com/
82 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W4DLR7K&l=sinclairDigitalGtmData
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be5b8c67c012c59243ec6a8975702e7eb6dce00b045b29a0f0e70dce8c969ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31899
x-xss-protection
0
last-modified
Sat, 10 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Apr 2021 00:53:10 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sun, 11 Apr 2021 00:53:10 GMT
player.config.json
upnorthlive.com/resources/video/players/prod/player-configs/config/
3 KB
982 B
Fetch
General
Full URL
https://upnorthlive.com/resources/video/players/prod/player-configs/config/player.config.json
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
bd2b00335c6b8119de2825b310cbc2fbebb2db78ce8fa0df327befc183c453a4

Request headers

Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
sbgi-5
true
age
92214
sbgi-13
d
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-9
true
content-length
735
x-amz-id-2
jXF9Jo+DLzczrG+Zjgm1zE9bInfU232V44ABbjS0xaX37fOYMb3XUWVUZdv0bapz9fcCyw21TBE=
sbgi-protocol
https
sbgi-10
true
last-modified
Tue, 06 Apr 2021 22:32:23 GMT
server
ECS (frb/6793)
etag
"5ecbfc4d2d6d0a995389ef5a758385c3+gzip"
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
x-amz-request-id
802QWN93K58GNS4N
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=604800
x-amz-version-id
BhpRjX1NJDXwEalNMrNTfN1wjd.p_oZD
sbgi-1
Production
sbgi-6_5
03.13.20T1242
content-type
application/json
expires
Sat, 17 Apr 2021 00:53:10 GMT
jwplayer.js
upnorthlive.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.18.4/
112 KB
37 KB
Script
General
Full URL
https://upnorthlive.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.18.4/jwplayer.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
929ad20bec867ac8b707cab1390cd2af02c4dde55d0967a6050ccddc29c696fa

Request headers

Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
sbgi-5
true
age
92214
sbgi-13
d
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-9
true
content-length
37354
x-amz-id-2
/So7uwc5aB8VkCeJA05wlg8UUdSjmE7C89G0rVHN6FyY+o1U5EdkjNQBeYb0YcFwl4PIxeEn3Ps=
sbgi-protocol
https
sbgi-10
true
last-modified
Wed, 27 Jan 2021 18:05:48 GMT
server
ECS (frb/6739)
etag
"6505a92df4a2368b1b7d5e34d60a1240+gzip"
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
x-amz-request-id
802WWNV6RR5XA16H
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=604800
x-amz-version-id
_FpsJke6J97y8W1hZBRXI1ybnyKp0eHZ
sbgi-1
Production
sbgi-6_5
03.13.20T1242
content-type
application/javascript
expires
Sat, 17 Apr 2021 00:53:10 GMT
bundle.js
upnorthlive.com/resources/video/players/prod/dist/1.4.16/
173 KB
30 KB
Script
General
Full URL
https://upnorthlive.com/resources/video/players/prod/dist/1.4.16/bundle.js
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
a8887f5de93bb873789859f8f687910c0d1507c6d6ced9a7ae9ebde454c16e40

Request headers

Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
sbgi-5
true
age
92214
sbgi-13
d
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-9
true
content-length
30521
x-amz-id-2
4P3DaAOm6mtqPOToXcFI5xjJGujoYeHmI6P+lDE2H+mybwBbg/im1+qZC35KJ6mNcvqLMqDbL5M=
sbgi-protocol
https
sbgi-10
true
last-modified
Tue, 06 Apr 2021 22:47:15 GMT
server
ECS (frb/6738)
etag
"6469c5e0a3e1748e88b98db591a70ecb+gzip"
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
x-amz-request-id
802M393YN3V0ZZVE
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=604800
x-amz-version-id
xayV6hw7gGbVoyaq9bDkDWbPwUj2E7Kh
sbgi-1
Production
sbgi-6_5
03.13.20T1242
content-type
application/javascript
expires
Sat, 17 Apr 2021 00:53:10 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
14
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Sat, 10 Apr 2021 01:52:56 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Apr 2021 23:24:36 GMT
Server
ECS (frb/673A)
Age
1402
Etag
"c6906b2e1894558795b131fc4eee41cf+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28673
apstag.js
c.amazon-adsystem.com/aax2/
119 KB
31 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 22:11:27 GMT
content-encoding
gzip
server
Server
age
9703
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id
fK5OOMZ3fMDv9nLdEU-3Q5RYioqYwQ5qQ_4yaaRZXOadWBRWPtI93g==
gpt.js
www.googletagservices.com/tag/js/
61 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5a36ac4a5dd24ed420fe399ad8ac785f6d324f02751214530ba131f1a2b9c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"838 / 671 of 1000 / last-modified: 1618006165"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20877
x-xss-protection
0
expires
Sat, 10 Apr 2021 00:53:11 GMT
21162_WLOS_WPMI_Sinclair_DM.js
ads.rubiconproject.com/prebid/
421 KB
106 KB
Script
General
Full URL
https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59e99e604fc499733fd4dc9d7a2892de11f995834ddd3a9141c968f71f5ecf5e

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 20:47:29 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12088
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108603
Expires
Sat, 10 Apr 2021 04:14:39 GMT
more
upnorthlive.com/api/rest/audience/
20 KB
5 KB
XHR
General
Full URL
https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com/news/local&limit=8
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sjc/4E5D) /
Resource Hash
44db3e0e87a37f05946e03c556f652a6bd2b278865b79205df01642427bf3700

Request headers

Accept
application/json, text/plain, */*
Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sbg-tag-location
Found
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
sbgi-5
true
age
33
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-19
true
sbgi-qs
section=upnorthlive.com/news/local&limit=8
sbgi-9
true
content-length
4671
sbgi-protocol
https
sbgi-10
true
last-modified
Sat, 10 Apr 2021 00:51:38 GMT
server
ECS (sjc/4E5D)
etag
c9e3450b-997b-11eb-a12b-0629df1e01f2
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=60
sbgi-1
Production
sbgi-6_5
03.13.20T1242
expires
Sat, 10 Apr 2021 00:54:11 GMT
more
upnorthlive.com/api/rest/audience/
22 KB
5 KB
XHR
General
Full URL
https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com/news/coronavirus&limit=8
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sjc/4E30) /
Resource Hash
9b78db6cb4331fe0399147b9c80d6803519842f96c929e6fb0b0ef6a3f11a6ed

Request headers

Accept
application/json, text/plain, */*
Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sbg-tag-location
Found
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
sbgi-5
true
age
4
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-19
true
sbgi-qs
section=upnorthlive.com/news/coronavirus&limit=8
sbgi-9
true
content-length
4895
sbgi-protocol
https
sbgi-10
true
last-modified
Sat, 10 Apr 2021 00:52:05 GMT
server
ECS (sjc/4E30)
etag
d1b2f1ee-9985-11eb-a12b-0629df1e01f2
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=60
sbgi-1
Production
sbgi-6_5
03.13.20T1242
expires
Sat, 10 Apr 2021 00:54:11 GMT
more
upnorthlive.com/api/rest/audience/
79 B
448 B
XHR
General
Full URL
https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.comhttp://compulse.dailydealbuilder.com/traverse-city-wpbn/deals%20&limit=8
Requested by
Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (sjc/4E8C) /
Resource Hash
7a7775f415fea31da2a36fc90e41377336c6d58d9b3e6e12654ff39637ae826e

Request headers

Accept
application/json, text/plain, */*
Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sbg-tag-location
random
date
Sat, 10 Apr 2021 00:53:11 GMT
sbgi-6_7
03.13.20T1242
sbgi-5
true
age
9
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-19
true
sbgi-qs
section=upnorthlive.comhttp://compulse.dailydealbuilder.com/traverse-city-wpbn/deals%20&limit=8
sbgi-9
true
content-length
79
sbgi-protocol
https
sbgi-10
true
accept-ranges
bytes
last-modified
Sat, 10 Apr 2021 00:53:02 GMT
server
ECS (sjc/4E8C)
etag
3de3e030-f173-4ab0-93ec-21a5b12a69e7
sbgi-6_6
03.13.20T1242
content-type
application/json
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=60
sbgi-1
Production
sbgi-6_5
03.13.20T1242
expires
Sat, 10 Apr 2021 00:54:11 GMT
sbg-search-dark.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/
1 KB
772 B
Image
General
Full URL
https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-search-dark.svg
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7

Request headers

Referer
https://upnorthlive.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
sbgi-5
true
age
92207
sbgi-13
d
sbgi-7a
03.13.20T1242
sbg-11
7.6.2020T1253
x-cache
HIT
sbgi-6_7
03.13.20T1242
sbgi-9
true
content-length
505
x-amz-id-2
jSJ/X3yFXGBHqO2u6/7JDkc7XnT8Co2h5KThwoNCemlkxYZ2vCaZ7aqgsZ6Vbrztrg4Q5c8mcI4=
sbgi-protocol
https
sbgi-10
true
last-modified
Thu, 15 Mar 2018 21:32:07 GMT
server
ECS (frb/67C2)
etag
"862efb8df1ddd592a2c16d71d54fad00+gzip"
sbgi-6_6
03.13.20T1242
vary
Accept-Encoding
x-amz-request-id
6601QWXSE3SYHC16
access-control-allow-origin
*
sbgi-device
NoSmartphone
cache-control
max-age=604800
x-amz-version-id
null
sbgi-1
Production
sbgi-6_5
03.13.20T1242
content-type
image/svg+xml
expires
Sat, 17 Apr 2021 00:53:11 GMT
710259.gif
idsync.rlcdn.com/
0
66 B
Image
General
Full URL
https://idsync.rlcdn.com/710259.gif?partner_uid=b6ee8c35-a919-4e9b-98b3-57f8c81cc16e
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
via
1.1 google
alt-svc
clear
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnor...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupno...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&cs_ak_ss=1
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:11 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&cs_ak_ss=1
Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:11 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
lightbox.js
www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/
326 B
451 B
Script
General
Full URL
https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/lightbox.js?cb=1618015991241
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/static/lightbox_sinclair.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1ab55a824da62adbbcda89e11372c836f1c9bb6eb9fae920b43ff8441528b514

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
717
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
63d7ff294bf497a2-FRA
cf-request-id
095addcdcb000097a2eb27f000000001
v1.7-1745
consent.trustarc.com/asset/notice.js/v/
70 KB
23 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-1745
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
535e3c7d266c5878e9ebfe4acef027d54381cee300a85214f522ce4af1ea4620

Request headers

Origin
https://upnorthlive.com
Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:21:40 GMT
content-encoding
gzip
age
1891
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Thu, 8 Apr 2021 09:56:16 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
aw6CHMwqkbuR3IJP96xJQ28bvqf1yLMrx5QtruvkNGBjIvVDsHbcJg==
expires
Mon, 10 May 2021 00:21:40 GMT
log
consent.trustarc.com/
43 B
383 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=sbgi.net&country=de&state=&behavior=expressed&c=8af6
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
jWhFgHw-XQL1FVFNP0__P4Irz-2wZAwL2yKomjhEMHkW_mKrcA0qrw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html
platform.twitter.com/widgets/ Frame 469F
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fupnorthlive.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://upnorthlive.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
85428
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Apr 2021 00:53:11 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Mon, 05 Apr 2021 23:22:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
pubads_impl_2021040804.js
securepubads.g.doubleclick.net/gpt/
296 KB
104 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 19:24:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106480
x-xss-protection
0
expires
Sat, 10 Apr 2021 00:53:11 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
370 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Fupnorthlive.com%2F%3F&pr=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&pid=1pu90AOZTZGd5&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
via
1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
fsnaynBPnjD_LrHQ6eNaW-P_SRR84hxBwNOxu3CR2JkBBvaFYutEYA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
64086
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Fri, 09 Apr 2021 07:05:06 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
ejin99FIlUuDh_LHZiIkY35kqcLWkYHhxTGrTA1H5vGczNP7pMK_Vw==
widget_app_base_1612278999697.js
sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/
77 KB
22 KB
Script
General
Full URL
https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Requested by
Host: sinclairstoryline.com
URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-04-05T18-26Z
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0D) /
Resource Hash
1a53825329f39e7b0723e96298beb500daad40964d9dfeffbeb08d73686cfcaa

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
sbgi-ssl-all
0Min
age
13169
x-cache
HIT
sbgi-fm-mb
NIE
content-length
21927
x-amz-id-2
55VAgqJEAuccvK1otusWxHWsh5HVhcMhJE+5Ki5aDuEY0HSJ3Rzz7iIU9Lvt4O5wIdKWcaAZkLk=
sbgi-bypass-cache-cookie
SPA
sbgi-t2ag
MB
last-modified
Mon, 08 Feb 2021 18:25:15 GMT
server
ECS (nyb/1D0D)
cache-control
max-age=3600
etag
"028719a81fba10cd481f5ecc4d477fa4+gzip"
vary
Accept-Encoding
x-amz-request-id
BHM6F36TFPK3J5K4
access-control-allow-origin
*
sbgi-security
StorylineApplication
x-amz-version-id
aehjJ1q64S7GP_BXmpdj_tilaAyNMxpO
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Apr 2021 01:53:11 GMT
b-49c6f47-b751c7c8.js
tagan.adlightning.com/sinclair/
69 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/sinclair/b-49c6f47-b751c7c8.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.85 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe7194ba101f7c3ec76c6367fe1c8c64add38d5c422ecc135a96fafbc897160

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 20:23:38 GMT
content-encoding
gzip
age
361774
x-cache
Hit from cloudfront
content-length
23075
x-amz-meta-git_commit
49c6f47
last-modified
Mon, 05 Apr 2021 20:22:07 GMT
server
AmazonS3
etag
"4d6d0929d0c1672ca090c81f88448f1e"
x-amz-version-id
xF0d1fnd3Ds_BfIFVB1Z0Z_kkyk9Dpz9
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
TpDtbjHRBg1aFqb8MYl8X3HPbVaOZOdX-T9KvkCpMWvUFKG7gYE2hg==
bl-49c6f47-4dc853a6.js
tagan.adlightning.com/sinclair/
50 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/sinclair/bl-49c6f47-4dc853a6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.85 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d825f9395d9d9ef4ce659f3bdaf62647257cbfed59b499103ce2e11e5e31babb

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:03:56 GMT
content-encoding
gzip
age
13756
x-cache
Hit from cloudfront
content-length
16093
x-amz-meta-git_commit
49c6f47
last-modified
Fri, 09 Apr 2021 20:46:36 GMT
server
AmazonS3
etag
"c4b7245da406428d45a01d3d9d0aca1d"
x-amz-version-id
YpRdllBAA34qpkilygaJlcLQAMZkCAdO
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
VCuczwbhCxkFdBVah1XtQFC7LiH2JLG2qABKXRAwzfdKwD5_3lvUQA==
user.js
www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/
635 KB
127 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/user.js?cb=637533257337135497
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/lightbox.js?cb=1618015991241
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900deb659d8e49f0613e796f4fe8b23f796b1fb4e827cc258a7f00f099a6ab50

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
L/BN/eZ+gRzFjliQK8MOzA==
age
285217
cf-polished
origSize=1082113
last-modified
Tue, 06 Apr 2021 17:08:54 GMT
cf-request-id
095addce19000097a2e0aae000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
12a70886-d01e-00ac-5b0b-2b7456000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
63d7ff29cc0297a2-FRA
expires
Sun, 10 Apr 2022 00:53:11 GMT
/
consent-pref.trustarc.com/ Frame A66E
5 KB
2 KB
Document
General
Full URL
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

content-type
text/html; charset=UTF-8
server
nginx
last-modified
Thu, 08 Apr 2021 02:56:00 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
content-encoding
gzip
date
Fri, 09 Apr 2021 16:22:41 GMT
etag
W/"5147-1617850560000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
754Cbpz4GzTHjO1njXzzEj0Y_TYmW_oQUXyeLrSvywvwL6MJfg7PeQ==
age
30685
transparent.png
consent.trustarc.com/asset/
95 B
468 B
Image
General
Full URL
https://consent.trustarc.com/asset/transparent.png
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 00:05:10 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
last-modified
Thu, 24 May 2018 00:46:39 GMT
server
nginx
age
2881
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
content-length
95
x-amz-cf-id
wbBFjqnP7GoryQIbBSMzFAp_Tf2i0G8hjVxFr8dz9_UzR5GDbHu9LQ==
expires
Mon, 10 May 2021 00:05:10 GMT
noticemsg
consent.trustarc.com/
43 B
475 B
Image
General
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=sbgi.net&behavior=expressed&country=de&language=en&rand=0.9804564233362161
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
cbKYgLKb47m9aN_-SL_dM4JVYsH0urM94AoxeDQ68B1N4ycWD5tDrw==
expires
Sat, 10 Apr 2021 01:53:11 GMT
trans.png
consent.trustarc.com/asset/
923 B
1 KB
Image
General
Full URL
https://consent.trustarc.com/asset/trans.png
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 00:47:04 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
last-modified
Thu, 24 May 2018 00:46:39 GMT
server
nginx
age
367
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
content-length
923
x-amz-cf-id
WpGsY0CzrMoeFb1R4voVXcUSelSc2qt4rzj6M0Km4YkkG4z5To5bLA==
expires
Mon, 10 May 2021 00:47:04 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Apr 2021 01:23:24 GMT
collect
www.google-analytics.com/j/
4 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=224697501&t=pageview&_s=1&dl=https%3A%2F%2Fupnorthlive.com%2F&dr=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&ul=en-us&de=UTF-8&dt=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAAC~&jid=888132869&gjid=1955732659&cid=471698960.1618015991&tid=UA-12096981-13&_gid=1609138866.1618015991&_r=1&_slc=1&cd6=home&cd1=Unregistered&cd2=Unsubscribed&cd3=471698960.1618015991&cd4=false&cd7=standard-teaser&z=740965518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://upnorthlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 469F
183 B
411 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=054f7bfabc66009cb01e93f8a11c232f31bd2aac
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fupnorthlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
112
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
last-modified
Sat, 10 Apr 2021 00:53:11 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
1b566ebadc2f29ff6073735136ebee6d
strict-transport-security
max-age=631138519
content-length
152
collect
stats.g.doubleclick.net/j/
4 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-12096981-13&cid=471698960.1618015991&jid=888132869&gjid=1955732659&_gid=1609138866.1618015991&_u=aGBAAEIgAAAAAC~&z=1095020802
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Apr 2021 00:53:11 GMT
content-type
text/plain
access-control-allow-origin
https://upnorthlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637533257337135497
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
285215
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id
095addce9c000097a2f982e000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
ac3fb7e2-401e-0003-4f0b-2b56c6000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
63d7ff2a9c1497a2-FRA
expires
Sun, 10 Apr 2022 00:53:11 GMT
z
lightboxapi.azurewebsites.net/z9gd/43195/upnorthlive.com/jsonp/
443 B
733 B
Script
General
Full URL
https://lightboxapi.azurewebsites.net/z9gd/43195/upnorthlive.com/jsonp/z?cb=1618015991460&callback=jQuery17106447108731161806_1618015991444&_=1618015991461
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/user.js?cb=637533257337135497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1833036e59f595f3007bd6c8797572b435a64348a7db76e80a2f1b51d3a78edd

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/
35 B
285 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1618015991450&h=upnorthlive.com&e=p&u=43195
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 10 Apr 2021 00:53:11 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
1818309
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
cf-request-id
095addcea8000097a2eeb38000000001
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
fea83bb3-001e-000f-6618-dbb837000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63d7ff2aac1797a2-FRA
cf-bgj
imgq:85,h2pri
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
5 KB
2 KB
Script
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
ded567f565b246426e50cdff9cea1d2854ddd6e834c2fc632f5344f968558d4a

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 02:56:18 GMT
server
nginx
x-amz-cf-pop
HAM50-C1
etag
W/"4867-1617850578000"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
wJ4D0c6qoon7RQ6Y4D35QxKqrLLoySs4yjHX00MtfrtFunokeqgLMA==
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires
Sat, 10 Apr 2021 00:53:10 GMT
get
consent-st.trustarc.com/ Frame A66E
20 KB
5 KB
Script
General
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-127.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 31 Mar 2021 04:44:19 GMT
content-encoding
gzip
server
nginx
age
850132
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C1
timing-allow-origin
*
x-amz-cf-id
EatMc6wdecHQuR4CC-kUsWBXiH7wopCzd8Z0G5v771WETFWXX7b5BQ==
via
1.1 b601b11612dbb318dc18b8b7062715df.cloudfront.net (CloudFront)
expires
Fri, 30 Apr 2021 04:44:19 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame A66E
3 KB
3 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:19:50 GMT
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 02:56:00 GMT
server
nginx
age
52402
etag
W/"2608-1617850560000"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
2608
x-xss-protection
1; mode=block
x-amz-cf-id
r7Krhm0Ea86gjlDANcTlEfgWLxPP-dDJ2vTtZQ-ESdeteQjSO3jrjA==
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-12096981-13&cid=471698960.1618015991&jid=888132869&_u=aGBAAEIgAAAAAC~&z=1847570359
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-12096981-13&cid=471698960.1618015991&jid=888132869&_u=aGBAAEIgAAAAAC~&z=1847570359
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://upnorthlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://upnorthlive.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1730
date
Sat, 10 Apr 2021 00:53:10 GMT
content-encoding
gzip
vary
Accept-Encoding
bid
c.amazon-adsystem.com/e/dtb/
23 B
370 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Fupnorthlive.com%2F%3F&pr=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&pid=1pu90AOZTZGd5&cb=1&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
via
1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6sz69Nhz_RQ6Fs8gAbsCo1fYjJKfzDk7Y-jwoKqV3GjSGz8eK8Xbig==
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1
  • https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q2...
350 B
633 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6dd5817d84d64a910ccbf4eec4cad7c00e948f0ba85483639e3d6d6b4282f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 10 Apr 2021 00:53:10 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2151
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 10 Apr 2021 00:53:11 GMT
location
https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3773
content-length
482
expires
0
prebid
ads.yieldmo.com/exchange/
0
225 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.29.0&p=%5B%7B%22placement_id%22%3A%22banner_pos1_ddb_0%22%2C%22callback_id%22%3A%222fc689491a8f59%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22banner_pos2_ddb_0%22%2C%22callback_id%22%3A%223c05583efe5095%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22banner_pos3_ddb_0%22%2C%22callback_id%22%3A%22481eb937bad345%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22banner_pos4_ddb_0%22%2C%22callback_id%22%3A%225677a064d886c4%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos1_ddb_0%22%2C%22callback_id%22%3A%2265639936150ea%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos2_ddb_0%22%2C%22callback_id%22%3A%22749661af04b2ed%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos3_ddb_0%22%2C%22callback_id%22%3A%2280170ac3c5e542%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos4_ddb_0%22%2C%22callback_id%22%3A%229b4570bf883327%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos5_ddb_0%22%2C%22callback_id%22%3A%221066d9f1a7fc19b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%5D&page_url=https%3A%2F%2Fupnorthlive.com%2F%3F&bust=1618015991510&pr=https%3A%2F%2Fupnorthlive.com%2F%3F&scrd=1&dnt=false&description=WPBN%20offers%20news%2C%20sports%2C%20weather%20and%20items%20of%20local%20interest%20in%20Traverse%20City%2C%20Michigan%20and%20nearby%20towns%2C%20including%20Frankfort%2C%20Beulah%2C%20Interlochen%2C%20Kingsley%2C%20Garfield%20Township%2C%20Glen%20Arbor%2C%20Suttons%20Bay%2C%20Kalkaska%2C%20Kingsley%20and%20Manton%2C%20Michigan.&title=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.12.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-12-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://upnorthlive.com
pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cdb
bidder.criteo.com/
18 B
250 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=10400161762
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/
19 B
622 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.29.0&referrer=https%3A%2F%2Fupnorthlive.com%2F%3F&tmax=1200
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.221.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-221-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://upnorthlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/
330 B
539 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU34Q8WJ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fc4611877a14e1b951878b90c5f369789b44ecda5d8b3c9ae231df83432fb898

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
server
nginx
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
https://upnorthlive.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
330
expires
Sat, 10 Apr 2021 00:53:11 GMT
cygnus
htlb.casalemedia.com/
25 B
373 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=472733&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22417db88e2abde5b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F%22%2C%22page%22%3A%22https%3A%2F%2Fupnorthlive.com%2F%3F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22428ad750905d7dc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2243866108e21d5b9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22440ca4ae0025e01%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224535998b7eb8d1f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2246ae54eb2ed3a58%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224755f22d9c7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224868e4f1268494a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224967771cb4c3bd3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250cea54d826d4f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251a8ed6e027ed7d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2252125392e83704c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22548488ea5f57f61%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.48.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-48-61.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b4dceaafa67e075e941f080e2fa84378b602fdbaba191913dfd0111eea1ca04b

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://upnorthlive.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 10 Apr 2021 00:53:11 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
1 KB
9 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21162&site_id=303064&zone_id=1525856%3B1525856%3B1525856%3B1525856%3B1525858%3B1525858%3B1525858%3B1525858%3B1525858&size_id=2%3B2%3B2%3B2%3B15%3B15%3B15%3B15%3B15&alt_size_ids=%3B%3B%3B%3B10%3B10%3B10%3B%3B&p_pos=%3B%3B%3B%3Batf%3Batf%3Batf%3Batf%3Batf&rf=https%3A%2F%2Fupnorthlive.com%2F%3F&tg_i.aupName=WPBN%26banner_pos%26page%3Dhome%3BWPBN%26banner_pos%26page%3Dhome%3BWPBN%26banner_pos%26page%3Dhome%3BWPBN%26banner_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome&tg_i.dfp_ad_unit_code=4756%2FWPBN%2FWeb%2Fhome&tg_i.pbadslot=4756%2FWPBN%2FWeb%2Fhome&tk_flint=dmpbjs_v4.29.0&x_source.tid=770f4a32-240e-44ae-aa84-7e9795e225bb%3Ba74387a8-3cb0-4207-b4b5-2bb367fc8fdc%3B08c15665-841f-47b3-a5b5-f460d22aaabd%3B037b1e78-1bae-48ad-a31f-1b1f9b859668%3B61aca6fe-f377-4590-bcc3-877442b359e0%3Bc204185f-d370-44a4-a38a-cce34f82bc2e%3B28bb7fa5-742d-4d2c-acce-84d912878d08%3B4fbe1d0d-fa8f-4da1-921d-98d68ed9e8b3%3Bb7575a99-e005-482e-8b6b-644ecabb8587&p_screen_res=1600x1200&rp_secure=1&slots=9&rand=0.8364949838330555
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
484f8c448bb3aadb57ec2d3836c4471900590d84ab7670d5402e743d81877418

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://upnorthlive.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
457
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
50 B
741 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:11 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
652de604-0239-4ff6-9a34-bed65f615106
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://upnorthlive.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/
66 B
630 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
8d82795f917e756769f17cf910877d2fba99a8452fa30277e9c3e5448ea8a683

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
633 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
2c2ae74cd960162eb7e7ea977f36e533c9c33a56bce6a5f8398aae1b64d20c8a

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
627 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
cf397f2edeaa198aa0b9dcd6b6ecb5196e2c7d7feec2a0b582ab00167c3d16c7

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
642 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
5d6ab03b7edd684c42260cfc1d148cd5b93e3211510f76fa46a222bc710100c1

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
632 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
131f41b108db39cd46531df1395910462310f8e90ebf4b497585febad5dd0861

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
628 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
fa4d3670359e679267952d9e9c3df429eb537919387aabde80ef9de871a2e5fc

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
631 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
c578d93bd6243796ab26121da301fbed5ab6cd4732f64c655b1d61d2c3d718ca

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
65 B
639 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
d78fe450f8b2ca0f9ffe638799c566507285b1eea78c36badf86e3b656245ba7

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
630 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-43-22.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
6fe051207d5e3a4069984f25ddd5546ef03cc0ccb60c5d13c6b8ba5609991f1b

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://upnorthlive.com
access-control-allow-credentials
true
Y5xBOvHNhv
api.userway.org/api/tunings/
776 B
813 B
XHR
General
Full URL
https://api.userway.org/api/tunings/Y5xBOvHNhv
Requested by
Host: sinclairstoryline.com
URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.120.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-120-19.us-west-2.compute.amazonaws.com
Software
_ / Express
Resource Hash
2835a99da0b9f083bc588b75a135ffc8fc5aa5eeaca1ec837cafadd821717975

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
etag
W/"308-vU/Y9MyXseLon6odlI/aJFmGjms"
server
_
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-headers
Authorization,Origin,X-Requested-With,Content-Type,Accept,Cache-Control,If-Modified-Since,Pragma,X-Auth-Language,X-Auth-Token,X-Spl-Token
expires
Sat, 10 Apr 2021 00:53:11 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
989
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
vary
Accept-Encoding
4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CEA3
140 KB
46 KB
Document
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
3b416a15d3dc9e914a04ddad4ed898c67db545111ec2334b6daec8c651bdfad0

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 08 Apr 2021 10:19:49 GMT
server
nginx
etag
W/"143674-1617850578000"
last-modified
Thu, 08 Apr 2021 02:56:18 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
pL_hJLJm7xTwiWjd022ZPEkpomvG9oaYx7V91n4GjcrAJEztns7SoQ==
age
138802
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
969 B
824 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
4A62F2686478BAE800EFF19D5EB3C2E8
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
465
x-xss-protection
1; mode=block
x-amz-cf-id
vckykbe-rBEX2OV2rva9sXAY46N9GytCZrSiuXNZf5PXljhNr5AaDQ==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
48 B
389 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
4fe12fff404827bb3cc449c4c426209178b1c861ec48cdaa6858e0fe9f0f7a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
4A62F2686478BAE800EFF19D5EB3C2E8
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
content-disposition
attachment
content-length
48
x-xss-protection
1; mode=block
x-amz-cf-id
Oui3MPDd4CHz1lbRvcGggQUrijxTDDVz5mJwOdhmzoWA1RjrDynqdA==
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame A66E
27 KB
7 KB
Stylesheet
General
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 02:56:00 GMT
server
nginx
x-amz-cf-pop
HAM50-C1
etag
W/"27745-1617850560000"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
lKrn8EeFUBaTNnAdCbECaEPlfp6uEuilpjvp8gZ5jXGJK1licepK6w==
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires
Sat, 10 Apr 2021 00:53:10 GMT
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame A66E
242 KB
84 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/10.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 10:19:49 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 02:56:18 GMT
server
nginx
age
138802
etag
W/"248272-1617850578000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
qpOwi-KnEvBcx_KwZ33oU2paavlY3rHB5Yy8DlyOqN1TdUGKt8xQVw==
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame A66E
19 KB
8 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 10:19:49 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 02:56:18 GMT
server
nginx
age
138802
etag
W/"19413-1617850578000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
5ordSkxiRjiePh_YGq0lCqlUUVlp4b_yUnYABETUwvz5ewtLTFNcMg==
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame B0F7
5 KB
2 KB
Document
General
Full URL
https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.105.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-105-228.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method
GET
:authority
prefmgr-cookie.truste-svc.net
:scheme
https
:path
/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-type
text/html; charset=UTF-8
server
nginx
vary
Accept-Encoding
etag
W/"5014-1597208285000"
last-modified
Wed, 12 Aug 2020 04:58:05 GMT
content-encoding
gzip
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
627 B
636 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
2e578b8901bc4b1b3a6aca07e22e4c843356c51b37400ae8276d1396b3eb578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
4A62F2686478BAE800EFF19D5EB3C2E8
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
277
x-xss-protection
1; mode=block
x-amz-cf-id
2pqZ9Pftay7fD8wHvxfXGuvhclLECzeZfpGYh3wW5qnFcmsBvwj0rA==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
13 KB
4 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
aecdfb202cfb299b55a857255a27871a3009a9e16d849a08698f52916870d064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
4A62F2686478BAE800EFF19D5EB3C2E8
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
4097
x-xss-protection
1; mode=block
x-amz-cf-id
069SlrMndaHbDSKmA2OYinZpuj2smEYutFBfh3TH7bWjyh6x3eC-YA==
get
consent.trustarc.com/ Frame A66E
3 KB
4 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=trustarc-without-truste-logo-xs.png
Requested by
Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 00:33:40 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server
nginx
age
1171
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
content-length
3312
x-amz-cf-id
n6cQUgbBcMGOSpVasUdCeEp54RLXrUeU7NvSd5k5khvA5Evk5PM81Q==
expires
Mon, 10 May 2021 00:33:40 GMT
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=upnorthlive.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=upnorthlive.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
167 KB
22 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3698767973823009&correlator=1250710837300334&output=ldjh&impl=fifs&hxva=1&scor=3736958600952335&eid=31060550%2C31060770%2C21068111%2C44739387&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210410&iu_parts=4756%2CWPBN%2CWeb%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C300x250%2C1570x300%7C1570x30%7C970x250%7C970x90%2C1x1&prev_scp=pos%3D1%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3Dpremium%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=kw%3D%255Broot%255D%26path%3D%252F%26page%3Dhome&cookie_enabled=1&bc=31&abxe=1&lmt=1618015991&dt=1618015991908&dlt=1618015990784&idt=561&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=3681582998%2C1152490924%2C1662731371%2C2486512665%2C2271141650%2C671115772%2C661556255%2C3104663351%2C1825207828%2C3027385822%2C1237644005&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupnorthlive.com%2F%3F&ref=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=471698960.1618015991&ga_sid=1618015992&ga_hid=224697501&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
271f79f960e820927bf1c36a9e69fa9225aea2accc00db4c249ecd46cd80ccab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21561
x-xss-protection
0
google-lineitem-id
4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685114612,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234302876,138234256902,138234256548,138234256923,138234302939,138234302285,138234303008,138234256896,138234256524,138234255891,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://upnorthlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://upnorthlive.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
53375
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c5f53aff6d441c50735e4c5602ec1ac9542b11a80ee88c629c8362cf45b821b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6582
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 10 Apr 2021 00:53:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7608
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 10 Apr 2021 00:00:06 GMT
expires
Sun, 10 Apr 2022 00:00:06 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3186
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 7608
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
65788
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
4.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame A66E
39 KB
13 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/4.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
b0f77080bf5e1eab5dc36b6cb1bf723099b68ed7ca000f26bd6bcf7ae23765c4

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 10:19:51 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 02:56:18 GMT
server
nginx
age
138801
etag
W/"39569-1617850578000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
OMOpA1tSL2tef-F54eXDTcO86j8Lxa7pTFWwZF3fJmw2OigXnlfc4A==
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame A66E
3 KB
3 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:19:50 GMT
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 02:56:00 GMT
server
nginx
age
52403
etag
W/"2608-1617850560000"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
2608
x-xss-protection
1; mode=block
x-amz-cf-id
3rkGJXdeeD2VgxzynIq_vByTZp12qXCsQt7cVWNDSSeuWQBzC95hfg==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
2 KB
1 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
537d6857eb313c9cc41ce5e1de997f18d9de59db295b4f269af05390d3d9cd87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
4A62F2686478BAE800EFF19D5EB3C2E8
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
713
x-xss-protection
1; mode=block
x-amz-cf-id
Ndcb9b5En5hxDZUtAkcfShw-v2GR6YjtDNMt_c3hPJ32C_dViLT58w==
get
consent.trustarc.com/ Frame A66E
21 KB
22 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=SBG_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
5c7356876ee608f5a196f1e886f6c01fce8fae3a9aa490992100d2e6e70cef4b

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 00:17:38 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server
nginx
age
2134
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
content-length
21695
x-amz-cf-id
HytGowrTdqeqAIQBa0erI32BoGZ7EGTWIFMcPdDi1Nj9grarXdkD0g==
expires
Mon, 10 May 2021 00:17:38 GMT
cookie_inneriframe.html
consent-pref.trustarc.com/ Frame 6306
2 KB
1 KB
Document
General
Full URL
https://consent-pref.trustarc.com/cookie_inneriframe.html
Requested by
Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/cookie_inneriframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://prefmgr-cookie.truste-svc.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://prefmgr-cookie.truste-svc.net/

Response headers

content-type
text/html; charset=UTF-8
server
nginx
last-modified
Thu, 08 Apr 2021 02:56:00 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
content-encoding
gzip
date
Fri, 09 Apr 2021 10:19:50 GMT
etag
W/"2008-1617850560000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
78siRmTYUVH-BBWJxEqHrPNGsCUwduKnsver5GGqXU_11ubC_GEKMw==
age
52403
gen_204
pagead2.googlesyndication.com/pagead/
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=3698767973823009&bg=!goGlgcXNAAY56aLOOek7ACkAdvg8WmQHHvBL23KcqAz7I4kfaUyxkFpX_mRJ5x0ysYTb3DsgpzN9aAIAAACHUgAAAA1oAQcKAFXQBgORNxfyy298Pb7MzDjtinC7Z7KL_gCWCewgGYYavQ6qTwmwLFOY9ksUyIq1a8-ec5G_xcaRJhToX5dfG0jKK-9ob9p05V_cnDjkhEwf-z1ikMFQmQHV7AoBUqG9BX35C5KnRoH4g7VwZ6ceDtWuUUpK531ELk_UzTzgNAZ-tDlgw6j3TGL8aa93agrL1gnde-ABIwBORxXLJ7HWx218QyCJGmeofq7pfYOzlMeMiR5CMRLBSBRJgwX1H2EOfi_nSdwHNbDErQ_BGsX4wuykaFSnqi9N9XstmgOMjDFBFscgFvlPTkB3ewRu02Esg_w6_w_u6k_YH_E8ZGIlr3IRqnFTqtA7f5Yu8Z0hzb6pC0ywDQ3w32fgrDNT0BGa94-i7yvKqj3oNJGCn8ax05vXJAvuEOrBTvoRIpxjp4EyzUGoX7ac9T5r-4HDGCXJOZagId_CgZegelzD4vnjCWqERQ3tATa8uQBbIFyzv_hfNlO_WixCv_BtlpwTSZtA8yEnKgg6Doebue0tzoEd1BFMzHV88SMeXPxG5caDF8IdgYBnnuw2wfgAUO2aVfpDdEa6mYDxBWraWDl18-SNn1i8TrhCRlL4d4mxJolg1mfE8TmOjqmr84MepfMHQ8AZI0p2HqmeVxtfPknc7MhMckFSRxBu5fx-bO2uIRy59UYgK7meyIzchPTnwmhUlqYXa8wvTJV9zMAMLjsB7ldtZieH11egpW7WZZaoaAa97w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E
460 KB
90 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
10406e8a8da92b579c175776734224be967af1ef702a321e07386dd9fbf616b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
4A62F2686478BAE800EFF19D5EB3C2E8
Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
91444
x-xss-protection
1; mode=block
x-amz-cf-id
Ih37f1RV4Acww7YidqRzsjoLKtLNU0PamXvkJeU-JGmvBIUc1hvxtQ==
loader.gif
consent-pref.trustarc.com/images/ Frame A66E
2 KB
2 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/loader.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-8.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:19:50 GMT
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 02:56:00 GMT
server
nginx
age
52403
etag
W/"1737-1617850560000"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
1737
x-xss-protection
1; mode=block
x-amz-cf-id
j-TiMpSMmKdnP-atYZyYKFD3TCFFp9BA6qJQNmh86O4YMqK0UQEx2w==
body_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/
931 B
815 B
Image
General
Full URL
https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D04) /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
sbgi-ssl-all
0Min
age
47535
x-cache
HIT
sbgi-fm-mb
NIE
content-length
499
x-amz-id-2
In19PNTfHsBQjIJPfcLIazfJ7B3jy95zdO8AMQ63o5WnfRHWwniHaLYA7y5l1c0qRnughX6ZlZo=
sbgi-bypass-cache-cookie
SPA
sbgi-t2ag
MB
last-modified
Mon, 08 Feb 2021 18:25:14 GMT
server
ECS (nyb/1D04)
cache-control
max-age=3600
etag
"2ec2767a3bb93656fb9b75c893d7be75+gzip"
vary
Accept-Encoding
x-amz-meta-replication-status
FAILED
x-amz-request-id
VGREXYKETT5PXHNK
access-control-allow-origin
*
sbgi-security
StorylineApplication
x-amz-version-id
nQl5sRsEJEbheL_iOJ7wYUJYmVz__yDQ
x-amz-meta-version-id
qAnohPBcCxyocXuHNNF_62TLMlyHrvhl
accept-ranges
bytes
content-type
image/svg+xml
expires
Sat, 10 Apr 2021 01:53:12 GMT
spin_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/
2 KB
802 B
Image
General
Full URL
https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1F) /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
sbgi-ssl-all
0Min
age
47535
x-cache
HIT
sbgi-fm-mb
NIE
content-length
568
x-amz-id-2
xU7Tb0GB0xy2IXv4wyf0xKqdQKwqV331ZrdqgRwghjQqR3PCfIlVR0rWRlkRaTtzd5tQQhU4Xg0=
sbgi-bypass-cache-cookie
SPA
sbgi-t2ag
MB
last-modified
Mon, 08 Feb 2021 18:25:15 GMT
server
ECS (nyb/1D1F)
cache-control
max-age=3600
etag
"8e0a35946bf39d10f46a1f1653366a0a+gzip"
vary
Accept-Encoding
x-amz-meta-replication-status
FAILED
x-amz-request-id
VGR6BYS6NSSBE20Q
access-control-allow-origin
*
sbgi-security
StorylineApplication
x-amz-version-id
L9ua6mJmNKU5KfZ4zE7wO9MNRc6jAUEg
x-amz-meta-version-id
4vPru6ViciXxe4dOepcM1VHca3QQzOez
accept-ranges
bytes
content-type
image/svg+xml
expires
Sat, 10 Apr 2021 01:53:12 GMT
1-0
preferences-mgr.truste.com/token/816/ Frame 44C8
Redirect Chain
  • https://app.link/nai-optout?action_id=3&participant_id=816&rd=https://preferences-mgr.truste.com&nocache=0.4846240146080738
  • https://preferences-mgr.truste.com/token/816/1-0
550 B
783 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/816/1-0
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
117420691b3b16ce517a899de4b81d60830ae1e8e772fd4d5d1411f30892739e

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/816/1-0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
550
date
Fri, 09 Apr 2021 06:02:13 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
ih9VsD8cmIjJgLjZSPKQGe5TRcCHE-0NoCrdWcW-ctTX03O1iZ-3Og==
age
67859

Redirect headers

Content-Type
text/html; charset=utf-8
Content-Length
140
Connection
keep-alive
Server
openresty
Date
Sat, 10 Apr 2021 00:53:12 GMT
X-Powered-By
Express
P3P
This is not a valid P3P header.
Location
https://preferences-mgr.truste.com/token/816/1-0
Vary
Accept
X-Cache
Miss from cloudfront
Via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
vEZlO0zx52DKYDS6CcjiESCMhk7K-z8q0cthgaxQhu-fxZFW-He8PA==
1-0
preferences-mgr.truste.com//token/766/ Frame 7ABF
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/daa/webchoices?action_id=3&participant_id=766&rd=https://preferences-mgr.truste.com/&nocache=0.41864297959787167
  • https://preferences-mgr.truste.com//token/766/1-0
550 B
783 B
Document
General
Full URL
https://preferences-mgr.truste.com//token/766/1-0
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a848963d27e6a14c1bafd1821fe96b4e3e946aca4411e02530505d9f5036a884

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
//token/766/1-0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
550
date
Fri, 09 Apr 2021 05:51:52 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
rILkBcXuIquUdNYYtyNqAUDy4j3isp-Rc6wWiCtaW5W9ZFveBh3W3Q==
age
68480

Redirect headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-length
0
location
https://preferences-mgr.truste.com//token/766/1-0
server
Kestrel
p3p
policyref="https://cognitiv.ai/privacy-policy/"
0
preferences-mgr.truste.com/token/519/1/ Frame A90B
Redirect Chain
  • https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8145193791572358
  • https://preferences-mgr.truste.com/token/519/1/0
536 B
769 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/519/1/0
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/519/1/0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
536
date
Fri, 09 Apr 2021 01:59:58 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
rNyY7HUyTuk1zQHHPTohIhUJQPg1c751wHvkLmbymP3c76ZP1adjHA==
age
82394

Redirect headers

Server
nginx
Date
Sat, 10 Apr 2021 00:53:12 GMT
Content-Length
0
Connection
keep-alive
Location
https://preferences-mgr.truste.com/token/519/1/0
Set-Cookie
btpstkn=7gwJPu9x37vZ4gHzwn54OwAAAXi5RLvA;Version=0;Comment=;SameSite=None;Domain=.s.thebrighttag.com;Secure
X-BT-RequestId
20673c00-9997-11eb-b516-0000ac150a10
P3P
CP=NOI DSP COR NID
/
preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/ Frame E434
Redirect Chain
  • https://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&participant_id=716&rd=https://preferences-mgr.truste.com&nocache=0.11421449788949589
  • https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
678 B
903 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
764144e9b05f681ff2922932c02c587f104171e5757d7869f9d8ea7d568fe7d4

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
678
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
i_juwU30m5gPDdcCQbmt6fMUtBjP7EIzA0JUhYZutvsrtEGLKvColg==

Redirect headers

cache-control
no-cache, no-store, max-age=0
content-length
0
date
Sat, 10 Apr 2021 00:53:12 GMT
location
https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
50b45afbe310bec022df758d53089366
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
110
x-transaction
0060fb59001bb4a2
x-xss-protection
0
/
preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/ Frame 0577
Redirect Chain
  • https://optout.33across.com/api/?action_id=3&participant_id=258&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.06538139145014288
  • https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
566 B
791 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
e95d15ad98d4be356d54b9f78d43fcd0c639c27d19293ce5b8f30c7ce1fb342e

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/258/1/58b42ace821f6b36/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
566
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
JJ8bMtKkZN70Kwa3fSsP10m39D8gVmRO2KYAYHmJpB6juikCnUZldA==

Redirect headers

date
Sat, 10 Apr 2021 00:53:12 GMT
server
Apache
x-powered-by
PHP/5.4.40
expires
Tue, 01 Jan 1980 1:00:00 GMT
last-modified
Sat, 10 Apr 2021 00:53:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
pragma
no-cache
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
set-cookie
33x_nc_au=b83afeebf82be95b; path=/; SameSite=None; domain=33across.com; secure
location
https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
/
preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/ Frame 464E
Redirect Chain
  • https://optout.tynt.com/api/?action_id=3&participant_id=488&rd=https://preferences-mgr.truste.com&nocache=0.6576183614530995
  • https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
566 B
791 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
983e7c47781c01a8459f139d3e578ba0ac947bf6c2940b4f97f546e12b5456e9

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/488/1/58b42ace821f6b36/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
566
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
JFJSyQqhRDDXOR-7qT9OFQYqiU0i_cH3_8v-sUC_AeMKyiUDigUiAg==

Redirect headers

date
Sat, 10 Apr 2021 00:53:12 GMT
server
Apache
x-powered-by
PHP/5.4.40
expires
Tue, 01 Jan 1980 1:00:00 GMT
last-modified
Sat, 10 Apr 2021 00:53:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
pragma
no-cache
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
set-cookie
33x_nc_au=b83afeebf82be95b; path=/; SameSite=None; domain=tynt.com; secure
location
https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
/
preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/ Frame DE3D
Redirect Chain
  • https://acuityplatform.com/Adserver/nai?action_id=3&participant_id=383&rd=https://preferences-mgr.truste.com&nocache=0.44836625930660445
  • https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
554 B
778 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
0f9cc9b3cae7840738dd1595147e5cc5af31706d3d639c312685e0a3762498d0

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/383/1/xKWWkpwqrq/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
554
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
_yeivz1t08hZGxTXljGVqF-ib7rr_biaFaHc9xfWXfRSz1vgEE-3aA==

Redirect headers

P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Pragma
no-cache
Location
https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Content-Length
0
Date
Sat, 10 Apr 2021 00:53:12 GMT
adelphic
preferences-mgr.truste.com/token/642/1/ Frame 6195
Redirect Chain
  • https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.3188222102175231
  • https://preferences-mgr.truste.com/token/642/1/adelphic
550 B
774 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/642/1/adelphic
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/642/1/adelphic
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
550
date
Fri, 09 Apr 2021 01:43:50 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
oOcW9BUrN5INiJkGhG4hLYKw9FSJwqF2QtS-7jtZLvarheUgoYA4hQ==
age
83363

Redirect headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-length
0
location
https://preferences-mgr.truste.com/token/642/1/adelphic
server
Apache-Coyote/1.1
p3p
CP="NOI PSA OUR"
1
preferences-mgr.truste.com/token/768/ Frame A496
Redirect Chain
  • https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.6205378461417315
  • https://preferences-mgr.truste.com/token/768/1
546 B
779 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/768/1
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/768/1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 04:41:50 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
XiqvvFtliqGVkuRDh5szD2_AH1axV_LEYQdmVHj35jV83N0mG_LvEg==
age
72683

Redirect headers

X-Powered-By
Express
Access-Control-Allow-Origin
*
Vary
Origin, Accept, Accept-Encoding
Location
https://preferences-mgr.truste.com/token/768/1
Content-Type
text/html; charset=utf-8
Content-Length
136
Date
Sat, 10 Apr 2021 00:53:13 GMT
master-opt-out
ad.amgdgt.com/ads/ Frame 989E
Redirect Chain
  • https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
  • https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
2 KB
2 KB
Document
General
Full URL
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e0c6b301f5981bd273ccd5790d6052d17b4d1f7e4cae2e8f64ec2a8f87b87ea3

Request headers

Host
ad.amgdgt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://consent-pref.trustarc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

Cache-Control
no-cache, no-store
Content-Type
text/html
Date
Sat, 10 Apr 2021 00:53:12 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server
Apache-Coyote/1.1
Content-Length
1697
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, no-store
Date
Sat, 10 Apr 2021 00:53:12 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Location
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server
Apache-Coyote/1.1
Content-Length
0
Connection
keep-alive
/
preferences-mgr.truste.com/token/713/1-2/ Frame 4520
Redirect Chain
  • https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.2909998417829094
  • https://preferences-mgr.truste.com/token/713/1-2/
550 B
783 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/713/1-2/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/713/1-2/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
550
date
Fri, 09 Apr 2021 08:30:04 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
yuNEWspm583nGPak1Y7giCPGhc-T6_MLGd9O1c1jWNjBa9fX8-KExA==
age
58988

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://preferences-mgr.truste.com/token/713/1-2/
content-length
0
date
Sat, 10 Apr 2021 00:53:12 GMT
/
preferences-mgr.truste.com/token/559/1-0/153050528/ Frame 5BF3
Redirect Chain
  • https://apolloprogram.io/optout?action_id=3&participant_id=559&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.28212396017279096
  • https://preferences-mgr.truste.com/token/559/1-0/153050528/
556 B
782 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/559/1-0/153050528/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
7d67c5c27921c0861baa3d791ae92cead36ca1e13abcf0e2e0ebe9bb37499953

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/559/1-0/153050528/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
556
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
3zv3Z6EXSc681gnOYf1hw8ESF74Dgwdx89xJpUgxgTLUngNpZAVZkg==

Redirect headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-type
text/html; charset=utf-8
content-length
162
location
https://preferences-mgr.truste.com/token/559/1-0/153050528/
x-powered-by
Express
set-cookie
atid=153050528; Domain=.apolloprogram.io; Path=/; Expires=Sat, 10 Apr 2021 01:09:12 GMT; HttpOnly; Secure; SameSite=None
vary
Accept
0b9490d1f38e
preferences-mgr.truste.com/token/574/1/ Frame 931A
Redirect Chain
  • https://optout.prod.bidr.io/optout?action_id=3&participant_id=574&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.4873849742633807
  • https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
558 B
782 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
7f0e8cd2feb2035c7f3fd212db34ce1919e1b0d9df0a258e2b4b084ad040b312

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/574/1/0b9490d1f38e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
558
date
Fri, 09 Apr 2021 14:15:59 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
GOYi79g7n6V50EewHaZHxzhlrx1qsjedSA3okKjZIlpiyilMlGyujQ==
age
38233

Redirect headers

content-type
text/plain
Date
Sat, 10 Apr 2021 00:53:12 GMT
location
https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
p3p
We do not support P3P; our privacy policy is at https://www.beeswax.com/privacy.html
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
15
Connection
keep-alive
/
preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/ Frame 89AE
Redirect Chain
  • https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9929598322169366
  • https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
574 B
808 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/718/1/dG9rZW4tYm9tYm9yYQ==/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
574
date
Fri, 09 Apr 2021 06:02:13 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
vogvWNC3wjchCDbSVqIkMw7JRdJRQs6-JZF6qUPEAzw6aPPaifx88g==
age
67859

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Apr 2021 00:53:11 GMT
Expires
0
Location
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
P3P
CP="ALL DSP COR NID"
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
185
Connection
keep-alive
253614
preferences-mgr.truste.com//token/392/1/ Frame 1F0B
Redirect Chain
  • https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.5501910891399684
  • https://preferences-mgr.truste.com//token/392/1/253614
546 B
771 B
Document
General
Full URL
https://preferences-mgr.truste.com//token/392/1/253614
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
//token/392/1/253614
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 08:25:59 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
kY7v6sivYNNxfMPSJFYDQA0uWw4Ol7HMoYhSbjeHVongxCKgLdOQhQ==
age
59234

Redirect headers

Date
Sat, 10 Apr 2021 00:53:12 GMT
Server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
X-Powered-By
PHP/5.4.16
Location
https://preferences-mgr.truste.com//token/392/1/253614
Content-Length
0
Keep-Alive
timeout=5, max=100
Content-Type
text/html; charset=UTF-8
/
preferences-mgr.truste.com/token/762/1-0/ Frame C336
Redirect Chain
  • https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.3638758641323159
  • https://preferences-mgr.truste.com/token/762/1-0/
550 B
783 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/762/1-0/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/762/1-0/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
550
date
Fri, 09 Apr 2021 05:16:32 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
gFdJN9UcbcZnSgoy0513wp4rgx_fjb_MhLSQwiE0IjOPXiPWn6Rw6w==
age
70600

Redirect headers

Content-Length
0
Connection
keep-alive
Date
Sat, 10 Apr 2021 00:53:12 GMT
trace-id
833dfcd0beeb6d0f
Vary
Origin
Location
https://preferences-mgr.truste.com/token/762/1-0/
X-Cache
Miss from cloudfront
Via
1.1 c0093508e95ee3f9ebe60485284279c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC51-C1
X-Amz-Cf-Id
nr2mtrAnYzfmK3HFbNHerfuaxfBVm7VBcn4YWjlTP4-kgcxtFdoDqw==
/
preferences-mgr.truste.com//token/813/1/0/ Frame 331A
Redirect Chain
  • https://privacy.eyereturn.com/coop?action_id=3&participant_id=813&rd=https://preferences-mgr.truste.com/&nocache=0.19510148468161792
  • https://preferences-mgr.truste.com//token/813/1/0/
546 B
771 B
Document
General
Full URL
https://preferences-mgr.truste.com//token/813/1/0/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
32e7839121081d59bd1d0d07a78011d28774c8d51facb5b29ce37d2d7554bebc

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
//token/813/1/0/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 03:14:51 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
TR64HuLDV7W9_TBIkCxsfwSUad05l4E8VAKr1PKrNpR-WvuvOf3bxw==
age
77901

Redirect headers

access-control-allow-headers
Origin
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
73
content-type
text/html; charset=utf-8
date
Sat, 10 Apr 2021 00:53:12 GMT
expires
0
location
https://preferences-mgr.truste.com//token/813/1/0/
pragma
no-cache
server
EROO 1.0.1
via
1.1 google
alt-svc
clear
/
preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/ Frame 24E3
Redirect Chain
  • https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.3706910843929323
  • https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8R...
  • https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8RH...
  • https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
622 B
847 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
aa7555acbd8369c3dce4727adcbe24260c9dc454062ee54de0caca399a923275

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
622
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
hmJcMeP77nnIn3pBOSQWoy70KnC2xYLXzicoACImpwZtBeXvRwG1Lw==

Redirect headers

content-type
application/binary
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 10 Apr 2021 00:53:12 GMT
location
https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
cross-origin-resource-policy
same-site
content-security-policy
script-src 'report-sample' 'nonce-TExg5Ypox+msLXDncSPMBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AdsSettingsUi/cspreport;worker-src 'self' script-src 'nonce-TExg5Ypox+msLXDncSPMBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/AdsSettingsUi/cspreport
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
set-cookie
aboutads_sess997262221=ACi0TCgzuve7mbGA8_B-xCi-B8RHMMBDGKwdsXLc2WRRFA4-BWRWFvCJiMU1odRc5aDoZ9Y9isoF; Path=/ext/nai/; Secure; HttpOnly; SameSite=none NID=213=IE4TKaMF2sF1nzkIm-1zOxcbr8OLtNqnVVOqrgi4P03riYEaL2s6j5gPOm6bJeCw88Hlt4iDpwUnI7DUV_tQFmtQzBcZMRFfHvxOmZ4YSMO7Lfl-HDYjnbMZT51MH2fw6N9JwkNIRGON-8A1PiKzZTW9rzhiOqH5IFVKW3GScE8; expires=Sun, 10-Oct-2021 00:53:12 GMT; path=/; domain=.google.de; Secure; HttpOnly; SameSite=none CONSENT=PENDING+010; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.de
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/ Frame 53AA
Redirect Chain
  • https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.6212910339735191
  • https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
546 B
780 B
Document
General
Full URL
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 07:13:11 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
5XQwkmQxYhuU1j0KAHsOGI5vxDj8yWsfzNPvf0_PzjugPKqeOh_xRA==
age
63601

Redirect headers

Server
nginx
Date
Sat, 10 Apr 2021 00:53:13 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Set-Cookie
ub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
Location
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
/
preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/ Frame 0E5E
Redirect Chain
  • https://partner.knorex.com/oba/api/aboutads?action_id=3&participant_id=641&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6506654505994021
  • https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
606 B
831 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
bc564ae75ba1345b7bb82cc602475bc3c120e4fa797d04259fdc88de4e8de8e9

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
606
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
amMd42RH5Frza2zKTyMbUKlNH9-95MpHsbvaZePGMoNavvPMr-Jipw==

Redirect headers

date
Sat, 10 Apr 2021 00:53:13 GMT
location
https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
server
nginx/1.19.9
p3p
CP="This is not a P3P policy!"
set-cookie
vertx-web.session=a5a11da8-73c7-44af-9dda-b51d94a0d5d8; Path=/ vertx-web.session=a5a11da8-73c7-44af-9dda-b51d94a0d5d8; Path=/
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
/
preferences-mgr.truste.com/token/454/1/E96XQIOVFD/ Frame 2EE5
Redirect Chain
  • https://oba.media.net/nai.php?action_id=3&participant_id=454&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8208618069712379
  • https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
554 B
779 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
0cd2d67b020f039e7f25bb2f9af1442a4ee8911166599074e7bce94dbcef5735

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/454/1/E96XQIOVFD/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
554
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
G6yPeAhyao5_CNe73IpPv9UMh6PF6eqDYMlU75T3PU1EjEfifmFU7g==

Redirect headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Server
Apache
Strict-Transport-Security
max-age=3600;
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Set-Cookie
token=E96XQIOVFD; path=/; domain=.media.net; secure; SameSite=None
Location
https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Content-Length
0
Keep-Alive
timeout=2, max=120
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Cookie set nai.php
www.mathtag.com/ Frame C604
281 B
786 B
Document
General
Full URL
https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.140.207 Reston, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
8f4c27880df39d1259644af70d534ca29ec1d19a7c3dbcc4c9764897507a2778

Request headers

Host
www.mathtag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://consent-pref.trustarc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

Server
nginx
Date
Sat, 10 Apr 2021 00:57:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
238
Connection
keep-alive
Keep-Alive
timeout=360
Referrer-Policy
no-referrer-when-downgrade
Set-Cookie
PHPSESSID=fb0rnm5g5tn05v7grfm9umd5o6; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Content-Encoding
gzip
/
preferences-mgr.truste.com/token/755/3/ Frame 4C6C
Redirect Chain
  • https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.6300195753410418
  • https://preferences-mgr.truste.com/token/755/3/
546 B
779 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/755/3/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/755/3/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 05:17:05 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
iKezufWUpgPtD8ZYMqvlZFcpJgDdxfItM3R7TniueZlK1BiiWw7NdQ==
age
70568

Redirect headers

date
Sat, 10 Apr 2021 00:53:13 GMT
content-length
0
location
https://preferences-mgr.truste.com/token/755/3/
server
nginx/1.12.1
expires
Mon, 1 Jan 1990 12:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie
opt_out=1; Domain=.postrelease.com; Expires=Fri, 10-Apr-2026 00:53:13 GMT; Path=/; Secure; SameSite=None;
/
preferences-mgr.truste.com/token/765/1/1618015992/ Frame 63CF
Redirect Chain
  • https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.544747758019497
  • https://preferences-mgr.truste.com/token/765/1/1618015992/
554 B
779 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/765/1/1618015992/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
7515ae2c781acc2c7c66d80e897451ad0c9ce8c44397b1892c4e02fc53f3d290

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/765/1/1618015992/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
554
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
TCW7f2uj_fIEKkun0389iRhQXcCyaemBxt8p4NZ7v3W7zNlgPIK2mw==

Redirect headers

server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://preferences-mgr.truste.com/token/765/1/1618015992/
date
Sat, 10 Apr 2021 00:53:12 GMT
content-length
0
via
1.1 google
alt-svc
clear
Cookie set optout.jsp
apps.pubmatic.com/ Frame 3390
788 B
1 KB
Document
General
Full URL
https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.00998808848613808
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.45 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027

Request headers

Host
apps.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://consent-pref.trustarc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
route=95297fe76a241cd1103f74c315c9ed87; Max-Age=86400; Path=/; HttpOnly JSESSIONID=3DF8F0A45B5D631AED3C74B4BC57FEEE; Path=/; HttpOnly
Cache-Control
no-cache
Pragma
no-cache
Expires
Wed, 31 Dec 1969 23:59:59 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
PUT, GET, POST
Access-Control-Allow-Headers
X-Forwarded-For, X-app123-XPTO
Content-Encoding
gzip
kZS0eEwh9qiD
preferences-mgr.truste.com/token/422/1/ Frame 5305
Redirect Chain
  • https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.15411385081511653
  • https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
558 B
783 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a177e8ff280682c069e01489261f08a331fcc9f64984afbaa718c8ced5a05c39

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/422/1/kZS0eEwh9qiD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
558
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
zxFpmnnoPo_dBguv9KqJVMUSxlS88kwBhWcGA5hpOZ1nthVbb8ue9Q==

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=ee8068e5fdb385fa; path=/; HttpOnly; Secure; SameSite=None
/
preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/ Frame 6936
Redirect Chain
  • https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6304568669858734
  • https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
588 B
813 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
6c027717a0ba438f610ea737761a64fb46156625f9f4f556d625818b4465fdc9

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/806/1-0/O020392429351618015992768/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
588
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
pob75tZo2tGIEVLSEk8G0l62jIVZdBNX5spFfluE3D-FvWK6L8WpOA==

Redirect headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-length
0
cache-control
private, no-cache, no-store, proxy-revalidate
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
pragma
no-cache
strict-transport-security
max-age=86400
b5962ba7-e3c8-4b51-87f8-2abb250e00cf
preferences-mgr.truste.com/token/758/1-0/ Frame C18C
Redirect Chain
  • https://optout.mediaforge.com/nai/mediaforge/optout?action_id=3&participant_id=758&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7220065886007279
  • https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
610 B
835 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a0ad02cbe5da6bc9aeed110115df7118987aca4f140364be57203c0dcf5d5430

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
610
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
08FM5t6X-3a4BPJv-NAjuvk7u8UJQuzPJknG8MVbirufDepAHrrfiw==

Redirect headers

p3p
CP="This is not a P3P policy! See http://marketing.rakuten.com/faq-privacy-policy-changes for more info."
x-robots-tag
noindex, nofollow
expires
Tue, 01 Jan 2001 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
set-cookie
mf_token=b5962ba7-e3c8-4b51-87f8-2abb250e00cf; Domain=mediaforge.com; Path=/; Secure; SameSite=None
location
https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
content-language
en-US
content-length
0
date
Sat, 10 Apr 2021 00:53:12 GMT
via
1.1 google
alt-svc
clear
0
preferences-mgr.truste.com//token/497/1-0/ Frame 2D38
Redirect Chain
  • https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.7375084932384992
  • https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.7375084932384992&_rlid=258e9fa9-3549-47c2-9e5b-7d393bf33b3b
  • https://preferences-mgr.truste.com//token/497/1-0/0
550 B
774 B
Document
General
Full URL
https://preferences-mgr.truste.com//token/497/1-0/0
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
06f4208938b42b9634fe6311c817d44aa7dcf2cbbe27c522cfa897ede47c4348

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
//token/497/1-0/0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
550
date
Fri, 09 Apr 2021 07:24:40 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
4D_rtqUZ0ifCneyH4mrGEROeJNOXMScjQXenaijWZrGnJRLOD55L0g==
age
62913

Redirect headers

date
Sat, 10 Apr 2021 00:53:13 GMT
content-type
application/javascript
set-cookie
__cfduid=d89e5b367989159aa23358bd5df1e37251618015992; expires=Mon, 10-May-21 00:53:12 GMT; path=/; domain=.retargetly.com; HttpOnly; SameSite=Lax _rlsnc=0; domain=.retargetly.com; path=/; expires=Sat, 10 Apr 2021 00:53:13 GMT; SameSite=None; Secure
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
pragma
no-cache
expires
0
location
https://preferences-mgr.truste.com//token/497/1-0/0
cf-cache-status
DYNAMIC
cf-request-id
095addd43700001f19923e4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63d7ff3388e01f19-FRA
909786677
preferences-mgr.truste.com/token/831/1-1/ Frame 97B2
Redirect Chain
  • https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.31802074119693
  • https://preferences-mgr.truste.com/token/831/1-1/909786677
556 B
781 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/831/1-1/909786677
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
908d86d005c71e17e784289ce0fcb55196fdb3be56f89dc3732debed159d9a5b

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/831/1-1/909786677
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
556
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
7Kv_vpChj-Ap0QIla0YWmI56SmHBMnwSqaXPmFA9RlI87HH-iiYu8Q==

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=utf-8
Date
Sat, 10 Apr 2021 00:53:12 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://preferences-mgr.truste.com/token/831/1-1/909786677
P3P
policyref="http://w55c.net/w3c/p3p.xml", CP="DSP NOI COR"
Pragma
no-cache
Server
PixelTracking/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Length
0
Connection
keep-alive
/
preferences-mgr.truste.com/token/835/1/42/ Frame 1F9A
Redirect Chain
  • https://nai.sharethis.com/?action_id=3&participant_id=835&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9107635042222395
  • https://preferences-mgr.truste.com/token/835/1/42/
538 B
764 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/835/1/42/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
3975ae177459f79bf5425cf9922417e008d8e1e9238cb2fd4a79598c8d312d2b

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/835/1/42/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
538
date
Fri, 09 Apr 2021 05:29:51 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
sOSHAYYOMIhp00UW5wRYW_kk_jMv95WTVqQChPHFf7k9qvTZCvQYtw==
age
69801

Redirect headers

Content-Length
0
Connection
keep-alive
Server
CloudFront
Date
Sat, 10 Apr 2021 00:53:12 GMT
P3P
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
Location
https://preferences-mgr.truste.com/token/835/1/42/
X-Cache
LambdaGeneratedResponse from cloudfront
Via
1.1 c25a7e7126dfc9a3b0a377e34949f435.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
ZFrXMLYjPOjR2kc_7y2RP95G3GrqiBupauxLJKsFOQQeD1UYie8tkw==
/
preferences-mgr.truste.com/token/729/1/dummy_token/ Frame 95F3
Redirect Chain
  • https://oo.rfihub.com/nai.gif?action_id=3&participant_id=729&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7469728027786195
  • https://preferences-mgr.truste.com/token/729/1/dummy_token/
556 B
780 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/729/1/dummy_token/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
136a6b973440649afe68d466601288842badcc28af82900d4a276fc0a8f4739c

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/729/1/dummy_token/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
556
date
Fri, 09 Apr 2021 08:54:14 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
PViU-iRk7wgLWxO3Xh6TQK2Mz9dRM-hHp1l15itCWIELP8_KeY9cPA==
age
57538

Redirect headers

Date
Sat, 10 Apr 2021 00:53:12 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://preferences-mgr.truste.com/token/729/1/dummy_token/
Content-Length
0
Server
Jetty(9.3.29.v20201019)
XloPuglJuvKJvbmS
preferences-mgr.truste.com/token/604/1/ Frame 2FDA
Redirect Chain
  • https://pixel.sojern.com/optout/do?action_id=3&participant_id=604&rd=https://preferences-mgr.truste.com&nocache=0.16242486217168906
  • https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
566 B
791 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
eef07791a4f3f6d6fd9d45496f4f92e048b285f6fa1a062bf6fbb4d98feb76a9

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/604/1/XloPuglJuvKJvbmS
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
566
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
l7oSGJO6QwH8CjREVl9MpD44nhR9j1Jah7f9Nq1ry7BAzT3rcGGOag==

Redirect headers

content-type
text/html; charset=utf-8
location
https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
vary
Accept-Encoding
date
Sat, 10 Apr 2021 00:53:12 GMT
content-length
99
via
1.1 google
alt-svc
clear
/
preferences-mgr.truste.com/token/742/1/ Frame 8BF1
Redirect Chain
  • https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.6236276668704173
  • https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com
  • https://preferences-mgr.truste.com/token/742/1/
546 B
779 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/742/1/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/742/1/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 04:39:30 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
c04RlajkLAtn6l6NXvjCCxQB--GLT6ky0ecAyQTJOZCVNFhaX61VmA==
age
72822

Redirect headers

Server
nginx
Date
Sat, 10 Apr 2021 00:53:12 GMT
Content-Length
0
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://preferences-mgr.truste.com/token/742/1/
X-Powered-By
raptor-daa
X-Sovrn-Pod
ad_ap2ams1
/
preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/ Frame 5E89
Redirect Chain
  • https://optout.steelhousemedia.com/nai?action_id=3&participant_id=375&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.11865885943287324
  • https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
606 B
839 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
5a49b9b20ad53280f362f2003a487fe07a4b2511087fe910af63d93de39ea3af

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
606
date
Fri, 09 Apr 2021 17:01:51 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
BTLsLtuctLjSu-Wu0Fh1h6s4nSIdQa83ARvnzwvMzGB_smVv_YqBvg==
age
28282

Redirect headers

content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
location
https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
content-length
0
x-envoy-upstream-service-time
1
date
Sat, 10 Apr 2021 00:53:13 GMT
server
istio-envoy
connection
close
/
preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/ Frame 85C1
Redirect Chain
  • https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.87285952209917
  • https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
606 B
831 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
c248492a5b3a9413082160d736e93d2d3b91e6835e98bf55936aaea3f7790d36

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
606
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
GBWLtbUW56GGoE3GDsxBnrRVGkCNcBdcmW2YYNj86y1ATtx8j_I89Q==

Redirect headers

location
https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
strict-transport-security
max-age=31536000
content-length
0
date
Sat, 10 Apr 2021 00:53:12 GMT
via
1.1 google
alt-svc
clear
o8stHZzkEz
preferences-mgr.truste.com/token/366/1-0/ Frame 0D96
Redirect Chain
  • https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3363509881467939
  • https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
558 B
783 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
edcd3d43899d89d9a4acf9a6ec0877fc33af669a692c1861220a9b5c4b681b95

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/366/1-0/o8stHZzkEz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
558
date
Sat, 10 Apr 2021 00:53:12 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
Yk3Bl-VLol5wWgATerf7apheLCqwoyR6DDLIFZ8908Q7YoikGsHS8g==

Redirect headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Expires
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Location
https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
content-length
0
set-cookie
o8stHZzkEz=1; Max-Age=3600; Expires=Sat, 10 Apr 2021 01:53:12 GMT; Path=/; Domain=.rubiconproject.com; Secure; SameSite=None
rbti
preferences-mgr.truste.com/token/770/1-0/ Frame F6D9
Redirect Chain
  • https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.37617324718308165
  • https://preferences-mgr.truste.com/token/770/1-0/rbti
546 B
772 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/770/1-0/rbti
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
355547042271a8468f9fce8d27b789371baf3dba83ce22c12dd39059c20326be

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/770/1-0/rbti
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
uRQzuLPJwLe9my-cUNjtLIrSHkzyS3CclfYZHD9USArog9EUhdFA-A==

Redirect headers

date
Sat, 10 Apr 2021 00:53:13 GMT
content-type
text/html; charset=utf-8
content-length
76
location
https://preferences-mgr.truste.com/token/770/1-0/rbti
p3p
CP="NOI OUR BUS UNI COM NAV"
strict-transport-security
max-age=63072000; includeSubDomains
server
/
preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/ Frame B40F
Redirect Chain
  • https://optout-service.unrulymedia.com/opt-out?action_id=3&participant_id=783&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6600020666555269
  • https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
606 B
839 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
cfa76b1c4ea631c14e2bd76a3061da97e0954a6bde16f6e772bace1261f28eb7

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
606
date
Fri, 09 Apr 2021 17:22:59 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
OecDKD5YNklEQEp_2JKceAnL8ixr1w2RZ864Osp2YVIZI-GYH9gk3g==
age
27014

Redirect headers

date
Sat, 10 Apr 2021 00:53:13 GMT
location
https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
server
nginx/1.19.6
vary
Accept-Encoding
content-length
0
daastatus.ashx
optout.mxptint.net/ Frame B95B
Redirect Chain
  • https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.35124559906811004
  • https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3
0
0

csrf
preferences-mgr.truste.com/token/747/1-0/ Frame 857B
Redirect Chain
  • https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0033268862255300125
  • https://preferences-mgr.truste.com/token/747/1-0/csrf
546 B
770 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/747/1-0/csrf
Requested by
Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/747/1-0/csrf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

content-length
546
date
Fri, 09 Apr 2021 02:23:40 GMT
server
nginx
x-cache
Hit from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
mVHmnrMcVPn-68g3IWKYjH0GqzF6bSrGDsk7cUfBUobKVotcMcgtvQ==
age
80972

Redirect headers

Date
Sat, 10 Apr 2021 00:53:12 GMT
Location
https://preferences-mgr.truste.com/token/747/1-0/csrf
P3P
CP="This is not a valid P3P header"
Content-Length
0
Connection
keep-alive
optout.aspx
server.cpmstar.com/ Frame A66E
0
0
Image
General
Full URL
https://server.cpmstar.com/optout.aspx?action=opt_out?test=1&nocache=0.1791948895700659
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

targetingCookieInformation.action
publisher.tradedoubler.com/public/ Frame A66E
Redirect Chain
  • https://publisher.tradedoubler.com/public/setBlockTargetingCookie.action?nocache=0.33375387040545257
  • https://publisher.tradedoubler.com/public/targetingCookieInformation.action
0
0
Image
General
Full URL
https://publisher.tradedoubler.com/public/targetingCookieInformation.action
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.196.187.199 Sundbyberg, Sweden, ASN25473 (ASN-SYSTEAM EVRY Cloud Services, SE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Sat, 10 Apr 2021 00:53:12 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/plain; charset=UTF-8
Location
https://publisher.tradedoubler.com/public/targetingCookieInformation.action
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
20
publishertag.prebid.js
static.criteo.net/js/ld/
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 11 Apr 2021 00:53:12 GMT
get
consent.trustarc.com/ Frame A66E
3 KB
4 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=trustarc-without-truste-logo-xs.png
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-23.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 00:33:40 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server
nginx
age
1172
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
content-length
3312
x-amz-cf-id
mwieBokBmcfoIUfjIwYjNvbEmaGNA1_Ev-KPvtYLQ5WBXQmkUBLjbQ==
expires
Mon, 10 May 2021 00:33:40 GMT
syncframe
gum.criteo.com/ Frame 24C5
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=upnorthlive.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=upnorthlive.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1901
date
Sat, 10 Apr 2021 00:53:12 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:12 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 11 Apr 2021 00:53:12 GMT
/
preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/ Frame C604
Redirect Chain
  • https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Ffb0rnm5g5tn05v7grfm9umd5o6%2F
  • https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
590 B
815 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Requested by
Host: www.mathtag.com
URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
bd277ad6d60a7fe60598511497812870cc04813dd27687a719643b11aa0746e1

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965

Response headers

content-length
590
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
YyV6Jxx_xCZSwMsHb-0H2qc2P_7L4MLYxqlCte1AD-afLVWfpoTx5A==

Redirect headers

Content-Type
image/gif
Content-Length
0
Server
MT3 3660 495c301 master cdg-pixel-x29
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Expires
Sat, 10 Apr 2021 00:54:10 GMT
Date
Sat, 10 Apr 2021 00:53:13 GMT
Connection
keep-alive
jquery-1.11.1.min.js
ad.amgdgt.com/ads/js/ Frame 989E
94 KB
94 KB
Script
General
Full URL
https://ad.amgdgt.com/ads/js/jquery-1.11.1.min.js
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:12 GMT
Last-Modified
Wed, 30 Jan 2019 10:48:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
95786
Content-Type
application/javascript
jquery.cookie.js
ad.amgdgt.com/ads/js/ Frame 989E
3 KB
3 KB
Script
General
Full URL
https://ad.amgdgt.com/ads/js/jquery.cookie.js
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

Referer
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Last-Modified
Wed, 30 Jan 2019 10:48:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
3128
Content-Type
application/javascript
optout.js
ad.amgdgt.com/ads/js/ Frame 989E
22 KB
22 KB
Script
General
Full URL
https://ad.amgdgt.com/ads/js/optout.js
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2

Request headers

Referer
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Last-Modified
Wed, 30 Jan 2019 10:48:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
22414
Content-Type
application/javascript
optout.js
cdn.pubmatic.com/mgmt/javascripts/ Frame 3390
9 KB
4 KB
Script
General
Full URL
https://cdn.pubmatic.com/mgmt/javascripts/optout.js
Requested by
Host: apps.pubmatic.com
URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.00998808848613808
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.pubmatic.com

Request headers

Referer
https://apps.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://*.pubmatic.com
Content-Encoding
gzip
Last-Modified
Tue, 16 Mar 2021 06:37:07 GMT
Server
Apache
ETag
"7e0375-257c-5bda1986790ba"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=172800
Date
Sat, 10 Apr 2021 00:53:13 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
3858
Expires
Sat, 10 Apr 2021 11:15:44 GMT
/
preferences-mgr.truste.com/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/ Frame 3390
606 B
831 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/
Requested by
Host: cdn.pubmatic.com
URL: https://cdn.pubmatic.com/mgmt/javascripts/optout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
5fdfd6687de487f1d905e9027e96976d8e64f372760701170354d763cabbfd79

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://apps.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://apps.pubmatic.com/

Response headers

content-length
606
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
RF6jwzez7y9XuiiwIlUeH4w4WYwmjEOcuSN0imUUu2jebw1YNDBpMQ==
transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 989E
Redirect Chain
  • https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-419943423911395328%26pf%3Damg%26st%3D
  • https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-419943423911395328&pf=amg&st=nt
  • https://cdn.amgdgt.com/base/pixels/transparent.gif
43 B
401 B
Image
General
Full URL
https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:3000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer
https://ad.amgdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 02:48:28 GMT
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified
Wed, 29 Apr 2015 18:15:05 GMT
server
Apache
age
857085
etag
"2b-514e0f55a9e7d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
43
x-amz-cf-id
kGG3OjW40jrgYX__QQPX7RSiOkxOSxaup1wy6RPeTHbXFOU3JPtNcA==
expires
Fri, 30 Apr 2021 02:48:28 GMT

Redirect headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Server
Apache-Coyote/1.1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 989E
Redirect Chain
  • https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D5534732271616%26pf%3Dturn%26st%3D
  • https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=5534732271616&pf=turn&st=t
  • https://cdn.amgdgt.com/base/pixels/transparent.gif
43 B
401 B
Image
General
Full URL
https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:3000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer
https://ad.amgdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 02:48:28 GMT
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified
Wed, 29 Apr 2015 18:15:05 GMT
server
Apache
age
857085
etag
"2b-514e0f55a9e7d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
43
x-amz-cf-id
C_4y7I2OoyvlR7LpwYtgpIJjlD9PDy90L973rEStLCCzPZvrH4rqpQ==
expires
Fri, 30 Apr 2021 02:48:28 GMT

Redirect headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Server
Apache-Coyote/1.1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 989E
Redirect Chain
  • https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D7385421516%26pf%3Dvid%26st%3D
  • https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=7385421516&pf=vid&st=nt
  • https://cdn.amgdgt.com/base/pixels/transparent.gif
43 B
400 B
Image
General
Full URL
https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:3000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer
https://ad.amgdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 02:48:28 GMT
via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified
Wed, 29 Apr 2015 18:15:05 GMT
server
Apache
age
857085
etag
"2b-514e0f55a9e7d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
43
x-amz-cf-id
48o6wQYOZHfnemWLQictFzX10uUw8fy1LL5hGhsJzDbVcBaQu3CqKg==
expires
Fri, 30 Apr 2021 02:48:28 GMT

Redirect headers

Date
Sat, 10 Apr 2021 00:53:13 GMT
Server
Apache-Coyote/1.1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
preferences-mgr.truste.com/token/636/2/90827426468215186874/ Frame 989E
574 B
800 B
Document
General
Full URL
https://preferences-mgr.truste.com/token/636/2/90827426468215186874/
Requested by
Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/js/optout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-51.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
6d7bb0de80823f862ba2c4d084fe0d0706e8ff8222073fda68ad601dac340eca

Request headers

:method
GET
:authority
preferences-mgr.truste.com
:scheme
https
:path
/token/636/2/90827426468215186874/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.amgdgt.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.amgdgt.com/

Response headers

content-length
574
date
Sat, 10 Apr 2021 00:53:13 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
7TrRD8hhaoKeOBZOE2_xkEZUf88brICZPFevGNZAc6TVBuUm_CNb0A==
id
id.sharedid.org/
0
214 B
XHR
General
Full URL
https://id.sharedid.org/id
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.63.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-63-181.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://upnorthlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://upnorthlive.com
pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
sync
eb2.3lift.com/ Frame DCFB
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d04a77e4520206ba58e559faa335d72053931f805d397d46c32b85e8b48dce59

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=2028676289241410892
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

date
Sat, 10 Apr 2021 00:53:16 GMT
content-type
text/html; charset=utf-8
content-length
477
set-cookie
sync=CgoIgQIQ-5eTyosvCgoIkQIQ-5eTyosvCgoI4gEQ-5eTyosvCgoIkgIQ-5eTyosvCgoI5gEQ-5eTyosvCgoIhwIQ-5eTyosvCgkIOhD7l5PKiy8KCQgLEPuXk8qLLwoJCF8Q-5eTyosvCgkIHxD7l5PKiy8=; Max-Age=7776000; Expires=Fri, 09 Jul 2021 00:53:16 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2028676289241410892; Max-Age=7776000; Expires=Fri, 09 Jul 2021 00:53:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 10 Apr 2021 00:53:16 GMT
content-length
0
set-cookie
tluid=2028676289241410892; Max-Age=7776000; Expires=Fri, 09 Jul 2021 00:53:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
ssc-cms.33across.com/ps/ Frame FEC3
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c0L0awECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip180.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=c0L0awECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Sat, 10 Apr 2021 00:53:16 GMT
/
ssc-cms.33across.com/ps/ Frame B685
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cXBL-QECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip180.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=cXBL-QECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Sat, 10 Apr 2021 00:53:16 GMT
usync.html
eus.rubiconproject.com/ Frame 2F56
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://upnorthlive.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Apr 2021 00:53:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D267
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://upnorthlive.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 08 Apr 2021 05:51:50 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 10 Apr 2021 00:53:16 GMT
Age
68484
X-Served-By
cache-lga21934-LGA, cache-fra19171-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 496311
X-Timer
S1618015997.926502,VS0,VE0
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0BDC
20 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07878f5a2df3ad656a53dea5baa59b338a4dd34df4c961b9c322490cc6688d2f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://upnorthlive.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Tue, 12 Oct 2021 00:53:16 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=127402
expires
Sun, 11 Apr 2021 12:16:38 GMT
date
Sat, 10 Apr 2021 00:53:16 GMT
content-length
7623
ixmatch.html
js-sec.indexww.com/um/ Frame 23F6
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://upnorthlive.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://upnorthlive.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 10 Apr 2021 00:53:16 GMT
Content-Length
1151
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 2F56
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
45b8bf05733006e1b2830b351901103a5beb752d6ae4f3ec30f514a089302ca3

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70018
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9420
Expires
Sat, 10 Apr 2021 20:20:14 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4B39
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbb3f27adfb228dd352df07465923977f49b06d0f80f282af65f7ceb474dc9e9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHD2-PGrZHEfrkGs5ZO5PQAA; CMPS=3226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|4|111|8|176
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1562
Expires
Sat, 10 Apr 2021 00:53:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YHD2-PGrZHEfrkGs5ZO5PQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Apr 2022 00:53:16 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 00:53:16 GMT CMPRO=1120;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 00:53:16 GMT CMRUM3=b06070f6fc05a00&6f6070f6fc05a0&276070f6fc0b40&086070f6fc05a00&e66070f6fc27600&2d6070f6fc05a0&046070f6fc05a0&f16070f6fc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Apr 2022 00:53:16 GMT CMST=YHD2-GBw9vwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Apr 2021 00:53:16 GMT

Redirect headers

Server
Apache
Content-Length
338
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 10 Apr 2021 00:53:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YHD2-PGrZHEfrkGs5ZO5PQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Apr 2022 00:53:16 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 00:53:16 GMT
generic
match.adsrvr.org/track/cmf/ Frame DCFB
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DCFB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=
170 B
201 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame DCFB
42 B
444 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=2028676289241410892&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:16 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: FA4233D7200E402088F42427645FC555 Ref B: FRAEDGE1318 Ref C: 2021-04-10T00:53:16Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2028676289241410892?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 10 Apr 2021 00:53:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:16 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid
ab74e93f-b6f6-414a-8ffe-fabd82b28f76
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame DCFB
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2028676289241410892
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame DCFB
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2028676289241410892
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

setuid
ib.adnxs.com/prebid/ Frame DCFB
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2028676289241410892
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bounce
ib.adnxs.com/ Frame D267
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
816 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:16 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid
6405040b-4c85-4cbd-b6de-fa0c92b015af
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:16 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid
a90821d6-0bfd-4dc1-b10c-7e0196efc205
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2F56
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
dcm
s.amazon-adsystem.com/ Frame 4B39
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4B39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4B39
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YHD2-PGrZHEfrkGs5ZO5PQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4B39
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHD2-PGrZHEfrkGs5ZO5PQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1
43 B
1021 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4B39
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972
pragma
no-cache
date
Sat, 10 Apr 2021 00:53:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match
c1.adform.net/serving/cookie/ Frame 4B39
0
331 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 00:53:17 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 4B39
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997
date
Sat, 10 Apr 2021 00:53:17 GMT
server
Kestrel
content-length
0
113
match.deepintent.com/usersync/ Frame 4B39
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 00:53:16 GMT
content-length
0
server
b
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4B39
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YHD2-PGrZHEfrkGs5ZO5PQAA%261120
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 00:53:17 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1021
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 10 Apr 2021 01:10:18 GMT
async_usersync
ib.adnxs.com/ Frame D267
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Apr 2021 00:53:17 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid
9bc6592f-7153-4ffd-b633-f1bd08b3bf7f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
optout.mxptint.net
URL
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| getPrivacyKVP function| isFullMeasure function| getTrustArc function| getCookieData function| getNoticeBehavior function| formatUSPrivacyString function| writeUSPrivacyString function| getUSPrivacyString function| clearUSPrivacyString function| receiveUSPrivacyMessage function| parseKeyValues function| __uspapi function| setExplicitNoticeGiven object| sinclairDigital boolean| adsBlocked object| sinclairDigitalAnalytics function| toggleAdBlockerFlag string| gaId object| gaOptions boolean| isMedford string| GoogleAnalyticsObject function| ga function| getPageType function| getCookie function| setCustomDimensions object| sinclairDigitalGtmData object| _comscore object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| googletag function| setImmediate function| clearImmediate object| regeneratorRuntime object| adSlotObjects object| headerBidderSlots object| nonHeaderBidderSlots object| sinclairDdb function| sinclairVideo object| __twttrf object| twitterFetcher object| apstag function| udm_ object| ns_p object| COMSCORE object| google_tag_manager object| webpackJsonpjwplayer function| jwplayer object| sinclairVideoJsonp function| sinclairJWPlayer function| _truste_eumap object| truste object| __twttrll object| twttr object| __twttr object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| pbjs function| pbjsChunk object| _pbjsGlobals object| mnet object| UserWayWidgetApp object| q6DfAa function| q6DfAb object| xop function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| g8ysIa function| g8ysIb object| xblacklist object| KOo1Ua function| KOo1Ub function| xblocker number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| DIGIOH_API object| DIGIOH_VARS object| DIGIOH_CUSTOM_JS_GLOBAL object| DIGIOH_CUSTOM_JS_SUPER object| DIGIOH_CUSTOM_JS string| DIGIOH_VENDOR_GUID string| DIGIOH_VENDOR_SHORT_ID string| DIGIOH_KEEN_WRITE_KEY string| DIGIOH_CDN_DOMAIN string| DIGIOH_CLIENT_IP string| DIGIOH_CACHE_VERSION string| DIGIOH_STORAGE_TYPE string| DIGIOH_EMBED_TYPE object| DIGIOH_LIGHTBOX_CONDITIONS object| DIGIOH_LIGHTBOX_RULESETS object| DIGIOH_LIGHTBOX_EFFECTS object| DIGIOH_LIGHTBOX_NAMES object| DIGIOH_LIGHTBOX_IDS object| DIGIOH_VARIATION_TO_BOX_MAP object| DIGIOH_PIXEL_THRESHOLDS object| DIGIOH_PUBLISHED_VARIATIONS_ARR object| DIGIOH_DATA_STORAGE_TYPE_BY_BOX_OBJ object| DIGIOH_PRIMARY_VARIATIONS_ARR object| DIGIOH_EFFECTS_IMAGE_CACHE_ARR object| DIGIOH_SETTINGS_IMAGE_CACHE_ARR object| DIGIOH_LIGHTBOX_MASTER_RULES object| DIGIOH_LIGHTBOX_TEASER_PRELOAD_ARR object| DIGIOH_LIGHTBOX_TEASER_FOLLOW_ME_ARR object| DIGIOH_LIGHTBOX_INLINE_ALWAYS_ARR object| DIGIOH_LIGHTBOX_INLINE_CONDITIONS_ARR object| DIGIOH_LIGHTBOX_INLINE_DEPENDENT_ARR object| DIGIOH_LIGHTBOX_PRELOAD_ARR object| DIGIOH_LIGHTBOX_MOBILE_DEVICE_ARR object| DIGIOH_LIGHTBOX_DESKTOP_DEVICE_ARR object| DIGIOH_LIGHTBOX_UNCATEGORIZED_DEVICE_ARR object| DIGIOH_DYNAMIC_BOXES object| DIGIOH_SPLIT_TESTS_ARR boolean| DIGIOH_USE_BUGSNAG boolean| DIGIOH_USE_CONSOLE boolean| DIGIOH_USE_RESPONSIVE boolean| DIGIOH_USE_REAL_TIME_SUBMISSIONS boolean| DIGIOH_USE_HTTPS_ONLY boolean| DIGIOH_IS_QA boolean| DIGIOH_IS_PREVIEW boolean| DIGIOH_IS_DEV boolean| DIGIOH_KEEN_PV string| DIGIOH_BLIP_LZ object| COUPON_GROUP_POPULATE_OBJ number| ClientJsDomMaxWaitSeconds object| CDP_VARS boolean| USE_LZ object| DIGIOH_WIN_PARENT object| DIGIOH_DOC_PARENT object| DIGIOH_WIN_CHILD object| DIGIOH_LIGHTBOX_ANALYTICS object| DIGIOH_BUGSNAG object| LZString function| JQUERY_DIGIOH boolean| hasRunJquerySelectorGenerator object| JquerySelectorGeneratorPrevBorder string| JquerySelectorGeneratorPrevPath function| runJquerySelectorGenerator object| DIGIOH_STORAGE object| DIGIOH_LOCAL_STORAGE object| DIGIOH_CROSS_DOMAIN object| DIGIOH_COOKIE object| DIGIOH_IS_ANALYTICS_IDENTIFY_DONE object| DeviceAtlas function| DIGIOH_ANALYTICS function| Keen undefined| $ undefined| jQuery object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery17106447108731161806_1618015991444 object| Criteo object| _userway_config boolean| _userway object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| jQuery17106447108731161806 object| GoogleGcLKhOms object| google_image_requests object| UserWay object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106

3 Cookies

Domain/Path Name / Value
prefmgr-cookie.truste-svc.net/ Name: cookie_3rdparty
Value: enabled
.upnorthlive.com/ Name: __gads
Value: ID=00c78ae8976e7356-22c935340bbb00da:T=1618015991:S=ALNI_MaRMHzllCguYZS1yzanLZ5YXkr3-Q
.upnorthlive.com/ Name: xdibx
Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAGwEAcADAQKwCcNBNRNANCBgG6wB22hru-VMTKVa9Rizbtc3XkNaIkAGzQgAFtmwZcqAPS74GLgHtE2NUoCW7AKYA6WMYC2dgIYATJ5a4BaG.AdXXDsnXF0QViVlVXDIvEISCmo6BiYAX1YIGAxEG3Y0UHdXAE9BAG1hJLEGUioAXQzwKGg8mx5BYEasuEt3VUhSUkgAFgB2d2GfACZRqdcfYdgAMyWfSCmiAGYfTaIqOfJ3Jk33Gh9K0RThqk2QNKA__

9 Console Messages

Source Level URL
Text
console-api log URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1)
Message:
Auth0 client for: upnorthlive
console-api log URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1)
Message:
Auth0 client for: upnorthlive
console-api warning URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1)
Message:
Filter(s) 'top_videos_teaser' did not return data.
console-api warning URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1)
Message:
Filter(s) 'premium_content_teaser' did not return data.
console-api warning URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1)
Message:
Filter(s) 'teaser_4' did not return data.
console-api error URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js(Line 6)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js(Line 6)
Message:
fun-hooks: referenced 'adpod' but it was never created
console-api log URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-04-05T18-26Z(Line 1)
Message:
Loading for: https://upnorthlive.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
acuityplatform.com
ad.amgdgt.com
ad.turn.com
ad.wsod.com
adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com
ads.rubiconproject.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adssettings.google.com
adssettings.google.de
analytics.twitter.com
ap.lijit.com
api.retargetly.com
api.userway.org
apolloprogram.io
app.link
apps.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.amgdgt.com
cdn.pubmatic.com
cm.g.doubleclick.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
contextual.media.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.sharedid.org
idsync.rlcdn.com
ingest.tidaltv.com
jadserve.postrelease.com
js-sec.indexww.com
lightboxapi.azurewebsites.net
match.adsrvr.org
match.deepintent.com
mcasproxy.azureedge.net
ml314.com
mug.criteo.com
my.ipredictive.com
nai.sharethis.com
oba.media.net
oo.rfihub.com
optout-service.unrulymedia.com
optout.33across.com
optout.alphonso.tv
optout.bigsea.weborama.com
optout.crsspxl.com
optout.mediaforge.com
optout.mxptint.net
optout.prod.bidr.io
optout.steelhousemedia.com
optout.thrtle.com
optout.tynt.com
pagead2.googlesyndication.com
partner.knorex.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
preferences-mgr.truste.com
prefmgr-cookie.truste-svc.net
privacy.eyereturn.com
privacy.tapad.com
publisher.tradedoubler.com
r.turn.com
s.amazon-adsystem.com
s.thebrighttag.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segments.company-target.com
server.cpmstar.com
sinclairstoryline.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static-14.sinclairstoryline.com
static-17.sinclairstoryline.com
static-20.sinclairstoryline.com
static-21.sinclairstoryline.com
static-22.sinclairstoryline.com
static.criteo.net
stats.g.doubleclick.net
syndication.twitter.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
upnorthlive.com
upnorthlive.com.admin-eu.cas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.mathtag.com
optout.mxptint.net
104.108.48.61
104.111.230.142
104.111.238.139
104.244.42.67
104.244.42.72
104.36.113.45
107.178.244.119
107.178.246.49
13.225.74.23
13.227.156.67
142.250.185.162
151.101.129.108
152.195.39.15
152.195.39.7
154.59.122.74
169.197.150.7
178.250.0.157
178.250.0.165
18.159.182.76
18.195.221.58
184.30.20.207
184.30.212.16
184.30.24.22
185.33.223.178
192.229.163.105
193.0.160.128
198.148.27.139
199.127.206.102
20.40.202.0
208.100.17.172
208.100.17.180
208.100.17.190
209.234.224.20
209.240.97.247
213.19.162.41
216.58.212.162
23.218.208.200
23.218.208.246
23.235.251.211
2600:9000:2070:3000:10:8317:ee40:93a1
2600:9000:2070:e00:f:805c:9d00:93a1
2600:9000:214f:a600:19:9934:6a80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:108d
2606:4700::6810:4da5
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c0b::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:64::210:6bb9
2a05:d018:24:b002:ebbe:4057:3491:6f67
3.212.101.34
3.212.71.107
3.64.73.215
34.198.105.228
34.212.63.181
34.247.104.176
34.98.64.218
35.201.113.59
35.241.54.71
35.244.174.68
37.157.4.28
46.137.100.162
46.228.164.11
51.137.137.121
52.13.120.19
52.206.115.27
52.209.12.92
52.209.235.181
52.21.43.22
52.222.179.127
52.222.179.8
52.27.71.113
52.3.51.165
52.85.32.122
54.174.195.234
54.191.67.155
54.229.183.250
54.230.183.51
54.67.80.248
54.72.59.228
54.86.128.41
65.9.66.85
66.81.204.42
69.173.144.138
69.173.144.139
70.42.32.191
72.21.206.140
72.251.249.13
74.121.140.207
82.196.187.199
0377374a761dcbc940ce09a8bddca342bf82ab59aa7e03dd290f2db39a4132ac
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f4208938b42b9634fe6311c817d44aa7dcf2cbbe27c522cfa897ede47c4348
07878f5a2df3ad656a53dea5baa59b338a4dd34df4c961b9c322490cc6688d2f
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0cd2d67b020f039e7f25bb2f9af1442a4ee8911166599074e7bce94dbcef5735
0f9cc9b3cae7840738dd1595147e5cc5af31706d3d639c312685e0a3762498d0
0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7
10406e8a8da92b579c175776734224be967af1ef702a321e07386dd9fbf616b8
117420691b3b16ce517a899de4b81d60830ae1e8e772fd4d5d1411f30892739e
131f41b108db39cd46531df1395910462310f8e90ebf4b497585febad5dd0861
136a6b973440649afe68d466601288842badcc28af82900d4a276fc0a8f4739c
13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2
1666b41d1d6fb7ba772113768f30b4b59a7494633f656ff4b12fe2a410c6c9ee
1833036e59f595f3007bd6c8797572b435a64348a7db76e80a2f1b51d3a78edd
1a53825329f39e7b0723e96298beb500daad40964d9dfeffbeb08d73686cfcaa
1ab55a824da62adbbcda89e11372c836f1c9bb6eb9fae920b43ff8441528b514
1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
271f79f960e820927bf1c36a9e69fa9225aea2accc00db4c249ecd46cd80ccab
2835a99da0b9f083bc588b75a135ffc8fc5aa5eeaca1ec837cafadd821717975
2c2ae74cd960162eb7e7ea977f36e533c9c33a56bce6a5f8398aae1b64d20c8a
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2e578b8901bc4b1b3a6aca07e22e4c843356c51b37400ae8276d1396b3eb578d
2ef50a13371119fd9955296ba0de5395196888719ea9b2954817329b4f4bf66e
2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc
32e7839121081d59bd1d0d07a78011d28774c8d51facb5b29ce37d2d7554bebc
355547042271a8468f9fce8d27b789371baf3dba83ce22c12dd39059c20326be
3975ae177459f79bf5425cf9922417e008d8e1e9238cb2fd4a79598c8d312d2b
3b416a15d3dc9e914a04ddad4ed898c67db545111ec2334b6daec8c651bdfad0
3c5f53aff6d441c50735e4c5602ec1ac9542b11a80ee88c629c8362cf45b821b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44db3e0e87a37f05946e03c556f652a6bd2b278865b79205df01642427bf3700
45b8bf05733006e1b2830b351901103a5beb752d6ae4f3ec30f514a089302ca3
4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8
484f8c448bb3aadb57ec2d3836c4471900590d84ab7670d5402e743d81877418
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b2c7b26bc96741ad437b155a08a1c9041f449315adbce690dc7389b406fd896
4de849272e972f7e1c1e63a27b30431024b425886fc348b69dc7ce13f354fde0
4fe12fff404827bb3cc449c4c426209178b1c861ec48cdaa6858e0fe9f0f7a7d
535e3c7d266c5878e9ebfe4acef027d54381cee300a85214f522ce4af1ea4620
537d6857eb313c9cc41ce5e1de997f18d9de59db295b4f269af05390d3d9cd87
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c
59e99e604fc499733fd4dc9d7a2892de11f995834ddd3a9141c968f71f5ecf5e
5a49b9b20ad53280f362f2003a487fe07a4b2511087fe910af63d93de39ea3af
5c7356876ee608f5a196f1e886f6c01fce8fae3a9aa490992100d2e6e70cef4b
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5d6ab03b7edd684c42260cfc1d148cd5b93e3211510f76fa46a222bc710100c1
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fdfd6687de487f1d905e9027e96976d8e64f372760701170354d763cabbfd79
67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c027717a0ba438f610ea737761a64fb46156625f9f4f556d625818b4465fdc9
6d7bb0de80823f862ba2c4d084fe0d0706e8ff8222073fda68ad601dac340eca
6dd5817d84d64a910ccbf4eec4cad7c00e948f0ba85483639e3d6d6b4282f992
6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31
6fe051207d5e3a4069984f25ddd5546ef03cc0ccb60c5d13c6b8ba5609991f1b
6fe7194ba101f7c3ec76c6367fe1c8c64add38d5c422ecc135a96fafbc897160
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747bc8ae0549fa92f0014a533d517ba9c0019a02b90a50617450fcf409d2e2d7
7515ae2c781acc2c7c66d80e897451ad0c9ce8c44397b1892c4e02fc53f3d290
764144e9b05f681ff2922932c02c587f104171e5757d7869f9d8ea7d568fe7d4
7a7775f415fea31da2a36fc90e41377336c6d58d9b3e6e12654ff39637ae826e
7d67c5c27921c0861baa3d791ae92cead36ca1e13abcf0e2e0ebe9bb37499953
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f0e8cd2feb2035c7f3fd212db34ce1919e1b0d9df0a258e2b4b084ad040b312
7f48469648e59b2f575ad2ae883c9627e1956540594edc21aacf991f85d84bd3
8140ad7808211f9a5a88486ee37093f52e4358c6160d794cda8628611a9547a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d82795f917e756769f17cf910877d2fba99a8452fa30277e9c3e5448ea8a683
8f4c27880df39d1259644af70d534ca29ec1d19a7c3dbcc4c9764897507a2778
8ff62030ec15826d5df76673030a7722e255ccd09fe2de0fb04c5018f5e02689
900deb659d8e49f0613e796f4fe8b23f796b1fb4e827cc258a7f00f099a6ab50
908d86d005c71e17e784289ce0fcb55196fdb3be56f89dc3732debed159d9a5b
929ad20bec867ac8b707cab1390cd2af02c4dde55d0967a6050ccddc29c696fa
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303
9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027
983e7c47781c01a8459f139d3e578ba0ac947bf6c2940b4f97f546e12b5456e9
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0d17e305184462011635445935a531dc59d96d27365188bf15122252ef6c30
9b78db6cb4331fe0399147b9c80d6803519842f96c929e6fb0b0ef6a3f11a6ed
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d70c582c2d363673895b9ecaca7073d1551922cec23e54741c2aac192180c7d
a0ad02cbe5da6bc9aeed110115df7118987aca4f140364be57203c0dcf5d5430
a177e8ff280682c069e01489261f08a331fcc9f64984afbaa718c8ced5a05c39
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55b1cbb17117e8456b5637969d4d6d7ede32d26e4abbce0afcb08476eba2028
a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb
a848963d27e6a14c1bafd1821fe96b4e3e946aca4411e02530505d9f5036a884
a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d
a8887f5de93bb873789859f8f687910c0d1507c6d6ced9a7ae9ebde454c16e40
aa7555acbd8369c3dce4727adcbe24260c9dc454062ee54de0caca399a923275
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecdfb202cfb299b55a857255a27871a3009a9e16d849a08698f52916870d064
b0f77080bf5e1eab5dc36b6cb1bf723099b68ed7ca000f26bd6bcf7ae23765c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b4dceaafa67e075e941f080e2fa84378b602fdbaba191913dfd0111eea1ca04b
b686e3e2a293833a4692aabe20e2e61115fafc0a4df592641e07d0eefb64f484
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a
bc564ae75ba1345b7bb82cc602475bc3c120e4fa797d04259fdc88de4e8de8e9
bd277ad6d60a7fe60598511497812870cc04813dd27687a719643b11aa0746e1
bd2b00335c6b8119de2825b310cbc2fbebb2db78ce8fa0df327befc183c453a4
be5b8c67c012c59243ec6a8975702e7eb6dce00b045b29a0f0e70dce8c969ec0
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c248492a5b3a9413082160d736e93d2d3b91e6835e98bf55936aaea3f7790d36
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c578d93bd6243796ab26121da301fbed5ab6cd4732f64c655b1d61d2c3d718ca
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf397f2edeaa198aa0b9dcd6b6ecb5196e2c7d7feec2a0b582ab00167c3d16c7
cfa76b1c4ea631c14e2bd76a3061da97e0954a6bde16f6e772bace1261f28eb7
d04a77e4520206ba58e559faa335d72053931f805d397d46c32b85e8b48dce59
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d271475996f1116e769492318370e47c2c3bd8b31f76af2bab2398a443025012
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d78fe450f8b2ca0f9ffe638799c566507285b1eea78c36badf86e3b656245ba7
d825f9395d9d9ef4ce659f3bdaf62647257cbfed59b499103ce2e11e5e31babb
d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae
dbb3f27adfb228dd352df07465923977f49b06d0f80f282af65f7ceb474dc9e9
ded567f565b246426e50cdff9cea1d2854ddd6e834c2fc632f5344f968558d4a
e0c6b301f5981bd273ccd5790d6052d17b4d1f7e4cae2e8f64ec2a8f87b87ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e95d15ad98d4be356d54b9f78d43fcd0c639c27d19293ce5b8f30c7ce1fb342e
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
edcd3d43899d89d9a4acf9a6ec0877fc33af669a692c1861220a9b5c4b681b95
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
eef07791a4f3f6d6fd9d45496f4f92e048b285f6fa1a062bf6fbb4d98feb76a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f5a36ac4a5dd24ed420fe399ad8ac785f6d324f02751214530ba131f1a2b9c45
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa4d3670359e679267952d9e9c3df429eb537919387aabde80ef9de871a2e5fc
fc4611877a14e1b951878b90c5f369789b44ecda5d8b3c9ae231df83432fb898