upnorthlive.com Open in urlscan Pro
152.195.39.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://upnorthlive.com.admin-eu.cas.ms/
Effective URL:
https://upnorthlive.com/
Submission: On April 10 via api (April 10th 2021, 12:53:23 am UTC) from VN

Summary HTTP 200 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 80 domains to perform 200 HTTP transactions. The main IP is 152.195.39.7, located in United States and belongs to EDGECAST, US. The main domain is upnorthlive.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 23rd 2020. Valid for: 2 years.

This is the only time upnorthlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.137.137.121 51.137.137.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:64:... 2a02:26f0:64::210:6bb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	152.195.39.7 152.195.39.7	15133 (EDGECAST) (EDGECAST)
5	152.195.39.15 152.195.39.15	15133 (EDGECAST) (EDGECAST)
4	192.229.163.105 192.229.163.105	15133 (EDGECAST) (EDGECAST)
5	2606:4700::68... 2606:4700::6810:4da5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.66.85 65.9.66.85	() ()
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
9	13.225.74.23 13.225.74.23	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	52.85.32.122 52.85.32.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
17	52.222.179.8 52.222.179.8	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.179.127 52.222.179.127	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.209.12.92 52.209.12.92	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.195.221.58 18.195.221.58	16509 (AMAZON-02) (AMAZON-02)
2	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.108.48.61 104.108.48.61	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
3 8	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
9	52.21.43.22 52.21.43.22	14618 (AMAZON-AES) (AMAZON-AES)
1	52.13.120.19 52.13.120.19	16509 (AMAZON-02) (AMAZON-02)
1	34.198.105.228 34.198.105.228	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:214... 2600:9000:214f:a600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
40	54.230.183.51 54.230.183.51	16509 (AMAZON-02) (AMAZON-02)
2 2	54.174.195.234 54.174.195.234	14618 (AMAZON-AES) (AMAZON-AES)
1 1	46.137.100.162 46.137.100.162	16509 (AMAZON-02) (AMAZON-02)
1 1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	208.100.17.172 208.100.17.172	32748 (STEADFAST) (STEADFAST)
1 1	208.100.17.190 208.100.17.190	32748 (STEADFAST) (STEADFAST)
1 1	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
1 1	52.3.51.165 52.3.51.165	14618 (AMAZON-AES) (AMAZON-AES)
1 1	209.240.97.247 209.240.97.247	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
5 9	52.206.115.27 52.206.115.27	14618 (AMAZON-AES) (AMAZON-AES)
3 3	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1 1	54.86.128.41 54.86.128.41	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.229.183.250 54.229.183.250	16509 (AMAZON-02) (AMAZON-02)
1 1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1 1	3.212.101.34 3.212.101.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.227.156.67 13.227.156.67	16509 (AMAZON-02) (AMAZON-02)
1 1	35.241.54.71 35.241.54.71	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 1	209.234.224.20 209.234.224.20	395162 (MOD-PTC) (MOD-PTC)
1 1	52.27.71.113 52.27.71.113	16509 (AMAZON-02) (AMAZON-02)
1 1	66.81.204.42 66.81.204.42	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
1	74.121.140.207 74.121.140.207	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	54.67.80.248 54.67.80.248	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	104.36.113.45 104.36.113.45	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	35.201.113.59 35.201.113.59	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:10:... 2606:4700:10::6816:108d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:207... 2600:9000:2070:e00:f:805c:9d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	54.191.67.155 54.191.67.155	16509 (AMAZON-02) (AMAZON-02)
1 1	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	3.212.71.107 3.212.71.107	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.127.206.102 199.127.206.102	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.209.235.181 52.209.235.181	16509 (AMAZON-02) (AMAZON-02)
1	23.235.251.211 23.235.251.211	19437 (SS-ASH) (SS-ASH)
1 2	82.196.187.199 82.196.187.199	25473 (ASN-SYSTE...) (ASN-SYSTEAM EVRY Cloud Services)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:207... 2600:9000:2070:3000:10:8317:ee40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:24:... 2a05:d018:24:b002:ebbe:4057:3491:6f67	16509 (AMAZON-02) (AMAZON-02)
1	34.212.63.181 34.212.63.181	16509 (AMAZON-02) (AMAZON-02)
2 7	3.64.73.215 3.64.73.215	16509 (AMAZON-02) (AMAZON-02)
2	208.100.17.180 208.100.17.180	32748 (STEADFAST) (STEADFAST)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 9	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.72.59.228 54.72.59.228	16509 (AMAZON-02) (AMAZON-02)
5 6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 4	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
200	66

1 51.137.137.121 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

upnorthlive.com.admin-eu.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:64::210:6bb9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 152.195.39.7 (United States)

ASN15133 (EDGECAST, US)

upnorthlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.39.15 (United States)

ASN15133 (EDGECAST, US)

static-20.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-14.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-17.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-22.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-21.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.163.105 (United States)

ASN15133 (EDGECAST, US)

sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4da5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.85 (United States)

ASN- ()

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.74.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-23.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.85.32.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-122.ham50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.222.179.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-8.ham50.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.179.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-127.ham50.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.12.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-12-92.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.221.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-221-58.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.48.61 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-48-61.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.223.178 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.21.43.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-43-22.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.13.120.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-120-19.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.105.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-105-228.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a600:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 54.230.183.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-51.ham50.r.cloudfront.net

preferences-mgr.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.195.234 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.100.162 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States) 1 redirects

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.172 (United States) 1 redirects

ASN32748 (STEADFAST, US)

optout.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.190 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net

optout.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.74 (United States) 1 redirects

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.51.165 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

my.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.240.97.247 (Amsterdam, United States) 1 redirects

ASN40244 (TURNKEY-INTERNET, US)

optout.alphonso.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.206.115.27 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)

ad.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.128.41 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

apolloprogram.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.183.250 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

optout.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.101.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

optout.crsspxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.156.67 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-156-67.muc51.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.71 (United States) 1 redirects

ASN15169 (GOOGLE, US)

privacy.eyereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adssettings.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.234.224.20 (United States) 1 redirects

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.71.113 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

partner.knorex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.81.204.42 (Virgin Islands (British)) 1 redirects

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

oba.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.207 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)

www.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.67.80.248 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.45 (United States)

ASN62713 (AS-PUBMATIC, US)

apps.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.113.59 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

optout.mediaforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:108d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.182.76 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:e00:f:805c:9d00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

nai.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

oo.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.67.155 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-67-155.us-west-2.compute.amazonaws.com

optout.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

privacy.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.71.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-71-107.compute-1.amazonaws.com

optout.thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.206.102 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

optout-service.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.235.181 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-235-181.eu-west-1.compute.amazonaws.com

optout.bigsea.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.235.251.211 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.196.187.199 (Sundbyberg, Sweden) 1 redirects

ASN25473 (ASN-SYSTEAM EVRY Cloud Services, SE)

publisher.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

cdn.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2070:3000:10:8317:ee40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ingest.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.63.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-63-181.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.64.73.215 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-73-215.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.180 (United States)

ASN32748 (STEADFAST, US)
PTR: ip180.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.59.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.21.206.140 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	truste.com preferences-mgr.truste.com	31 KB
27	trustarc.com consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com	331 KB
12	amgdgt.com 5 redirects ad.amgdgt.com cdn.amgdgt.com	124 KB
12	33across.com 1 redirects ssc.33across.com optout.33across.com ssc-cms.33across.com	6 KB
10	doubleclick.net 6 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	129 KB
9	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com	22 KB
9	sinclairstoryline.com static-20.sinclairstoryline.com static-14.sinclairstoryline.com static-17.sinclairstoryline.com sinclairstoryline.com static-22.sinclairstoryline.com static-21.sinclairstoryline.com	473 KB
9	upnorthlive.com upnorthlive.com	600 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
8	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	3 KB
8	googlesyndication.com pagead2.googlesyndication.com adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com tpc.googlesyndication.com	31 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	36 KB
6	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	2 KB
6	rubiconproject.com 1 redirects ads.rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	126 KB
5	lightboxcdn.com www.lightboxcdn.com	132 KB
4	twitter.com 1 redirects platform.twitter.com syndication.twitter.com analytics.twitter.com	133 KB
3	turn.com 3 redirects r.turn.com ad.turn.com	1018 B
3	media.net 1 redirects prebid.media.net oba.media.net contextual.media.net	9 KB
3	google.de 1 redirects www.google.de adservice.google.de adssettings.google.de	2 KB
3	google.com 1 redirects www.google.com adservice.google.com adssettings.google.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	adlightning.com tagan.adlightning.com	53 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	adsrvr.org match.adsrvr.org	529 B
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	51 KB
2	tradedoubler.com 1 redirects publisher.tradedoubler.com	350 B
2	lijit.com 2 redirects ap.lijit.com	663 B
2	retargetly.com 2 redirects api.retargetly.com	894 B
2	pubmatic.com apps.pubmatic.com cdn.pubmatic.com	5 KB
2	mathtag.com 1 redirects www.mathtag.com pixel.mathtag.com	1 KB
2	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com	509 B
1	deepintent.com match.deepintent.com	44 B
1	adform.net c1.adform.net	331 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	852 B
1	bing.com c.bing.com	444 B
1	sharedid.org id.sharedid.org	214 B
1	tidaltv.com 1 redirects ingest.tidaltv.com	221 B
1	cpmstar.com server.cpmstar.com
1	weborama.com 1 redirects optout.bigsea.weborama.com	204 B
1	unrulymedia.com 1 redirects optout-service.unrulymedia.com	129 B
1	thrtle.com 1 redirects optout.thrtle.com	187 B
1	tapad.com 1 redirects privacy.tapad.com	143 B
1	steelhousemedia.com 1 redirects optout.steelhousemedia.com	371 B
1	sojern.com 1 redirects pixel.sojern.com	200 B
1	rfihub.com 1 redirects oo.rfihub.com	245 B
1	sharethis.com 1 redirects nai.sharethis.com	456 B
1	w55c.net 1 redirects i.w55c.net	496 B
1	mediaforge.com 1 redirects optout.mediaforge.com	410 B
1	quantserve.com 1 redirects pixel.quantserve.com	223 B
1	contextweb.com 1 redirects bh.contextweb.com	288 B
1	openx.net 1 redirects u.openx.net	152 B
1	postrelease.com 1 redirects jadserve.postrelease.com	396 B
1	knorex.com 1 redirects partner.knorex.com	348 B
1	wsod.com 1 redirects ad.wsod.com	383 B
1	eyereturn.com 1 redirects privacy.eyereturn.com	272 B
1	company-target.com 1 redirects segments.company-target.com	402 B
1	crsspxl.com 1 redirects optout.crsspxl.com	349 B
1	ml314.com 1 redirects ml314.com	413 B
1	bidr.io 1 redirects optout.prod.bidr.io	369 B
1	apolloprogram.io 1 redirects apolloprogram.io	235 B
1	alphonso.tv 1 redirects optout.alphonso.tv	272 B
1	ipredictive.com 1 redirects my.ipredictive.com	124 B
1	acuityplatform.com 1 redirects acuityplatform.com	321 B
1	tynt.com 1 redirects optout.tynt.com	489 B
1	thebrighttag.com 1 redirects s.thebrighttag.com	390 B
1	app.link 1 redirects app.link	495 B
1	gstatic.com fonts.gstatic.com	14 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net	2 KB
1	userway.org api.userway.org	813 B
1	yieldmo.com ads.yieldmo.com	225 B
1	azurewebsites.net lightboxapi.azurewebsites.net	733 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	googletagservices.com www.googletagservices.com	21 KB
1	googletagmanager.com www.googletagmanager.com	31 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	cas.ms upnorthlive.com.admin-eu.cas.ms	836 B
0	mxptint.net Failed optout.mxptint.net Failed
200	80

	Domain	Requested by
40	preferences-mgr.truste.com	upnorthlive.com.admin-eu.cas.ms www.mathtag.com cdn.pubmatic.com ad.amgdgt.com
17	consent-pref.trustarc.com	tagan.adlightning.com consent-pref.trustarc.com upnorthlive.com.admin-eu.cas.ms prefmgr-cookie.truste-svc.net
9	ad.amgdgt.com	5 redirects upnorthlive.com.admin-eu.cas.ms ad.amgdgt.com
9	ssc.33across.com	ads.rubiconproject.com
9	consent.trustarc.com	upnorthlive.com consent.trustarc.com consent-pref.trustarc.com
9	upnorthlive.com	upnorthlive.com static-21.sinclairstoryline.com
8	ib.adnxs.com	3 redirects ads.rubiconproject.com eb2.3lift.com acdn.adnxs.com
7	eb2.3lift.com	2 redirects ads.rubiconproject.com eb2.3lift.com
6	cm.g.doubleclick.net	5 redirects eb2.3lift.com
5	www.lightboxcdn.com	upnorthlive.com www.lightboxcdn.com tagan.adlightning.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c.amazon-adsystem.com	static-21.sinclairstoryline.com c.amazon-adsystem.com
4	sinclairstoryline.com	upnorthlive.com sinclairstoryline.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	cdn.amgdgt.com	ad.amgdgt.com
3	tpc.googlesyndication.com	tagan.adlightning.com
3	gum.criteo.com	1 redirects tagan.adlightning.com
3	sb.scorecardresearch.com	1 redirects upnorthlive.com
3	www.google-analytics.com	upnorthlive.com www.google-analytics.com
3	tagan.adlightning.com	upnorthlive.com tagan.adlightning.com
3	mcasproxy.azureedge.net	upnorthlive.com.admin-eu.cas.ms mcasproxy.azureedge.net
2	match.adsrvr.org	eb2.3lift.com ssum-sec.casalemedia.com
2	js-sec.indexww.com	ads.rubiconproject.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
2	ssc-cms.33across.com	ads.rubiconproject.com
2	static.criteo.net	ads.rubiconproject.com static.criteo.net
2	publisher.tradedoubler.com	1 redirects
2	ap.lijit.com	2 redirects
2	api.retargetly.com	2 redirects
2	r.turn.com	2 redirects
2	beacon.lynx.cognitivlabs.com	2 redirects
2	mug.criteo.com	upnorthlive.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	platform.twitter.com	static-21.sinclairstoryline.com platform.twitter.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	c1.adform.net	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	b1sync.zemanta.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	contextual.media.net	ads.rubiconproject.com
1	acdn.adnxs.com	ads.rubiconproject.com
1	id.sharedid.org	ads.rubiconproject.com
1	ingest.tidaltv.com	1 redirects
1	cdn.pubmatic.com	apps.pubmatic.com
1	pixel.mathtag.com	1 redirects
1	server.cpmstar.com
1	optout.bigsea.weborama.com	1 redirects
1	optout-service.unrulymedia.com	1 redirects
1	optout.thrtle.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	privacy.tapad.com	1 redirects
1	optout.steelhousemedia.com	1 redirects
1	pixel.sojern.com	1 redirects
1	oo.rfihub.com	1 redirects
1	nai.sharethis.com	1 redirects
1	i.w55c.net	1 redirects
1	optout.mediaforge.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	bh.contextweb.com	1 redirects
1	apps.pubmatic.com	upnorthlive.com.admin-eu.cas.ms
1	u.openx.net	1 redirects
1	jadserve.postrelease.com	1 redirects
1	www.mathtag.com	upnorthlive.com.admin-eu.cas.ms
1	oba.media.net	1 redirects
1	partner.knorex.com	1 redirects
1	ad.wsod.com	1 redirects
1	adssettings.google.de	1 redirects
1	adssettings.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	privacy.eyereturn.com	1 redirects
1	segments.company-target.com	1 redirects
1	optout.crsspxl.com	1 redirects
1	ml314.com	1 redirects
1	optout.prod.bidr.io	1 redirects
1	apolloprogram.io	1 redirects
1	optout.alphonso.tv	1 redirects
1	my.ipredictive.com	1 redirects
1	acuityplatform.com	1 redirects
1	optout.tynt.com	1 redirects
1	optout.33across.com	1 redirects
1	analytics.twitter.com	1 redirects
1	s.thebrighttag.com	1 redirects
1	app.link	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com	tagan.adlightning.com
1	adservice.google.com	tagan.adlightning.com
1	adservice.google.de	tagan.adlightning.com
1	prefmgr-cookie.truste-svc.net	upnorthlive.com.admin-eu.cas.ms
1	api.userway.org	sinclairstoryline.com
1	fastlane.rubiconproject.com	ads.rubiconproject.com
1	htlb.casalemedia.com	ads.rubiconproject.com
1	prebid.media.net	ads.rubiconproject.com
1	tlx.3lift.com	ads.rubiconproject.com
1	bidder.criteo.com	ads.rubiconproject.com
1	ads.yieldmo.com	ads.rubiconproject.com
1	www.google.de	upnorthlive.com
1	www.google.com	upnorthlive.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	idsync.rlcdn.com	upnorthlive.com
1	ads.rubiconproject.com	static-21.sinclairstoryline.com
1	www.googletagservices.com	static-21.sinclairstoryline.com
1	www.googletagmanager.com	upnorthlive.com
1	fonts.googleapis.com	static-20.sinclairstoryline.com
1	static-21.sinclairstoryline.com	upnorthlive.com
1	static-22.sinclairstoryline.com	upnorthlive.com
1	static-17.sinclairstoryline.com	upnorthlive.com
1	static-14.sinclairstoryline.com	upnorthlive.com
1	static-20.sinclairstoryline.com	upnorthlive.com
1	upnorthlive.com.admin-eu.cas.ms
0	optout.mxptint.net Failed	upnorthlive.com.admin-eu.cas.ms
200	117

This site contains no links.

Subject Issuer	Validity	Valid
MCAS Mcas Root CA	`2021-04-09` - `2021-04-10`	a day	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
kval.com DigiCert SHA2 Secure Server CA	`2020-04-23` - `2022-05-25`	2 years	crt.sh
*.sinclairstoryline.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-03` - `2022-01-03`	a year	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-04-06` - `2021-10-13`	6 months	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.yieldmo.com Amazon	`2020-06-23` - `2021-07-23`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
api.userway.org Amazon	`2020-12-02` - `2021-12-31`	a year	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.amgdgt.com Amazon	`2020-11-22` - `2021-12-21`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
*.tradedoubler.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-09` - `2022-02-09`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh

This page contains 58 frames:

Primary Page: https://upnorthlive.com/
Frame ID: 5167AD60134548114E3B34E3C4C33DFD
Requests: 85 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
Frame ID: A6F5C3F26A1C3725D62755D231B1C261
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fupnorthlive.com
Frame ID: 469F93ECAF933AA8143D53F30C3FCB07
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: A66EE19DEDE6150ED50CE1A5B698BCAF
Requests: 21 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Frame ID: CEA367BBF155F8CDCAC4B10B09AD4BB2
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: B0F75CE7C52D3C13F0826BF7382ED355
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 76083B64899DDF2366DEE28B3D04AB03
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 63068779606DBA970436DD4ACA88D883
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/816/1-0
Frame ID: 44C87C15E2A37E6AA85F72117DCDEA79
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/766/1-0
Frame ID: 7ABF45182EEFE571F5C126AB53D092D0
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/519/1/0
Frame ID: A90BFDE392FDF9EDE9A21272738B0D73
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
Frame ID: E43498B6CFCA5ADAD7BBF2C7C9D73D2B
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
Frame ID: 0577616D909BED239289947090CFC664
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
Frame ID: 464EE99C82B019465E0F23268B870520
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Frame ID: DE3DD48B63E1D598CBE49D44E76B944D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/642/1/adelphic
Frame ID: 61950AF3E809EFD4C11FADE3C72CFF75
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/768/1
Frame ID: A496A0DA5CFEBC243C472C18FDD97FB1
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/636/2/90827426468215186874/
Frame ID: 989EE0F6B55E763075AF5B8F06FB07AA
Requests: 8 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/713/1-2/
Frame ID: 4520B6626169EA8B9D7B289DC1562A88
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/559/1-0/153050528/
Frame ID: 5BF303BE1B8CA50A38FE0AD0978D964C
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
Frame ID: 931A263B31233C19841604E1AD434063
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Frame ID: 89AE44DF3D7683A492BE77E84F554B6F
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/392/1/253614
Frame ID: 1F0B649BF8F18047F85386A551E3344D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/762/1-0/
Frame ID: C336D201CB1999385723B681105861FD
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/813/1/0/
Frame ID: 331A82BAB3D8319F703647DA6E855988
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
Frame ID: 24E37385499A5B528F74E261BA03A7A3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Frame ID: 53AAF8FFE7F25D11450A8F4BF1078763
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
Frame ID: 0E5EC9C14492C8F53725BB65579E7423
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Frame ID: 2EE5F8AC88A109CBE0C6D9DE6BC8EA58
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Frame ID: C6040EBF1A8CBA1AF64AA582207B570D
Requests: 2 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/755/3/
Frame ID: 4C6C341CCD5B6D39D4FA6E1B73A98E16
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/765/1/1618015992/
Frame ID: 63CFE19A3F4614624DABCF2F13CC72B2
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/
Frame ID: 33904953AA1B1D435198E4B2C1FB08E1
Requests: 3 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
Frame ID: 5305E09EA251966887410D1259C57D24
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
Frame ID: 69367474800A6C09E6987DBA7082B180
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
Frame ID: C18CA29227C54D74012C26689FA0DFD5
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/497/1-0/0
Frame ID: 2D38B8361906A31C0B59E7C059D15876
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/831/1-1/909786677
Frame ID: 97B296ECAE46CE6D3B80C53331865AF3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/835/1/42/
Frame ID: 1F9A1EA5260A15B5A31778F0FFCD34E3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/729/1/dummy_token/
Frame ID: 95F3859CF725D38C17F194FF4087B57A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
Frame ID: 2FDAB1B81929976EE2451F7E65F3D732
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/742/1/
Frame ID: 8BF1B434228F5148B2F470DE3C69EB6F
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
Frame ID: 5E89E7BD19CBDD259D6AE23A45B0CD6E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
Frame ID: 85C1AD25C0F93B134E206B0681185BDE
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
Frame ID: 0D96D1B001C98C7F01573A298C36C4D7
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/770/1-0/rbti
Frame ID: F6D955E4A479134B7269E60415F579F0
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Frame ID: B40F2A3B27C2D36F1FC5F5837E6D560F
Requests: 1 HTTP requests in this frame

Frame: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3
Frame ID: B95B228D03A314D3C2910361FDBDBE48
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/747/1-0/csrf
Frame ID: 857BDFA429F089EE4D937ADC15A705EF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=upnorthlive.com
Frame ID: 24C5613BE76E279A3971640FF9DF2A4C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: DCFB8B83105CFF8B91091A90A86201A6
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c0L0awECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: FEC357C29735BEB2F00815A279DF94C5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cXBL-QECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: B6856602538EFFB97A9BD55167F63784
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F562BFA3E13990C85EA30BF24A4332B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D267ABBEECA3987A6639E24EDB79C757
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 0BDCC0487A540C22E20F7F3899BAF72E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 23F6421B63514DDE8F4A8C3E8E939654
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4B39D54A472C75C2A671B81894D4335C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://upnorthlive.com.admin-eu.cas.ms/ Page URL
https://upnorthlive.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

200
Requests

99 %
HTTPS

27 %
IPv6

80
Domains

117
Subdomains

66
IPs

10
Countries

2464 kB
Transfer

6953 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://upnorthlive.com.admin-eu.cas.ms/ Page URL
https://upnorthlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://sb.scorecardresearch.com/b?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&cs_ak_ss=1

Request Chain 61

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2

Request Chain 110

https://app.link/nai-optout?action_id=3&participant_id=816&rd=https://preferences-mgr.truste.com&nocache=0.4846240146080738 HTTP 302
https://preferences-mgr.truste.com/token/816/1-0

Request Chain 111

https://beacon.lynx.cognitivlabs.com/daa/webchoices?action_id=3&participant_id=766&rd=https://preferences-mgr.truste.com/&nocache=0.41864297959787167 HTTP 302
https://preferences-mgr.truste.com//token/766/1-0

Request Chain 112

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8145193791572358 HTTP 307
https://preferences-mgr.truste.com/token/519/1/0

Request Chain 113

https://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&participant_id=716&rd=https://preferences-mgr.truste.com&nocache=0.11421449788949589 HTTP 307
https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/

Request Chain 114

https://optout.33across.com/api/?action_id=3&participant_id=258&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.06538139145014288 HTTP 302
https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/

Request Chain 115

https://optout.tynt.com/api/?action_id=3&participant_id=488&rd=https://preferences-mgr.truste.com&nocache=0.6576183614530995 HTTP 302
https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/

Request Chain 116

https://acuityplatform.com/Adserver/nai?action_id=3&participant_id=383&rd=https://preferences-mgr.truste.com&nocache=0.44836625930660445 HTTP 302
https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/

Request Chain 117

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.3188222102175231 HTTP 302
https://preferences-mgr.truste.com/token/642/1/adelphic

Request Chain 118

https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.6205378461417315 HTTP 302
https://preferences-mgr.truste.com/token/768/1

Request Chain 119

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405 HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405

Request Chain 120

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.2909998417829094 HTTP 302
https://preferences-mgr.truste.com/token/713/1-2/

Request Chain 121

https://apolloprogram.io/optout?action_id=3&participant_id=559&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.28212396017279096 HTTP 302
https://preferences-mgr.truste.com/token/559/1-0/153050528/

Request Chain 122

https://optout.prod.bidr.io/optout?action_id=3&participant_id=574&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.4873849742633807 HTTP 302
https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e

Request Chain 123

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9929598322169366 HTTP 302
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

Request Chain 124

https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.5501910891399684 HTTP 302
https://preferences-mgr.truste.com//token/392/1/253614

Request Chain 125

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.3638758641323159 HTTP 302
https://preferences-mgr.truste.com/token/762/1-0/

Request Chain 126

https://privacy.eyereturn.com/coop?action_id=3&participant_id=813&rd=https://preferences-mgr.truste.com/&nocache=0.19510148468161792 HTTP 302
https://preferences-mgr.truste.com//token/813/1/0/

Request Chain 127

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.3706910843929323 HTTP 302
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8RHMMBDGKwdsXLc2WRRFA4-BWRWFvCJiMU1odRc5aDoZ9Y9isoF&status=1 HTTP 302
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8RHMMBDGKwdsXLc2WRRFA4-BWRWFvCJiMU1odRc5aDoZ9Y9isoF&status=1&ipr=y HTTP 302
https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/

Request Chain 128

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.6212910339735191 HTTP 302
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

Request Chain 129

https://partner.knorex.com/oba/api/aboutads?action_id=3&participant_id=641&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6506654505994021 HTTP 302
https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/

Request Chain 130

https://oba.media.net/nai.php?action_id=3&participant_id=454&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8208618069712379 HTTP 302
https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/

Request Chain 132

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.6300195753410418 HTTP 302
https://preferences-mgr.truste.com/token/755/3/

Request Chain 133

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.544747758019497 HTTP 302
https://preferences-mgr.truste.com/token/765/1/1618015992/

Request Chain 135

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.15411385081511653 HTTP 302
https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD

Request Chain 136

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6304568669858734 HTTP 302
https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/

Request Chain 137

https://optout.mediaforge.com/nai/mediaforge/optout?action_id=3&participant_id=758&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7220065886007279 HTTP 302
https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf

Request Chain 138

https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.7375084932384992 HTTP 302
https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.7375084932384992&_rlid=258e9fa9-3549-47c2-9e5b-7d393bf33b3b HTTP 302
https://preferences-mgr.truste.com//token/497/1-0/0

Request Chain 139

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.31802074119693 HTTP 302
https://preferences-mgr.truste.com/token/831/1-1/909786677

Request Chain 140

https://nai.sharethis.com/?action_id=3&participant_id=835&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9107635042222395 HTTP 302
https://preferences-mgr.truste.com/token/835/1/42/

Request Chain 141

https://oo.rfihub.com/nai.gif?action_id=3&participant_id=729&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7469728027786195 HTTP 302
https://preferences-mgr.truste.com/token/729/1/dummy_token/

Request Chain 142

https://pixel.sojern.com/optout/do?action_id=3&participant_id=604&rd=https://preferences-mgr.truste.com&nocache=0.16242486217168906 HTTP 307
https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS

Request Chain 143

https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.6236276668704173 HTTP 302
https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com HTTP 302
https://preferences-mgr.truste.com/token/742/1/

Request Chain 144

https://optout.steelhousemedia.com/nai?action_id=3&participant_id=375&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.11865885943287324 HTTP 302
https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/

Request Chain 145

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.87285952209917 HTTP 303
https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/

Request Chain 146

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3363509881467939 HTTP 302
https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz

Request Chain 147

https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.37617324718308165 HTTP 302
https://preferences-mgr.truste.com/token/770/1-0/rbti

Request Chain 148

https://optout-service.unrulymedia.com/opt-out?action_id=3&participant_id=783&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6600020666555269 HTTP 302
https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/

Request Chain 149

https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.35124559906811004 HTTP 302
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

Request Chain 150

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0033268862255300125 HTTP 302
https://preferences-mgr.truste.com/token/747/1-0/csrf

Request Chain 152

https://publisher.tradedoubler.com/public/setBlockTargetingCookie.action?nocache=0.33375387040545257 HTTP 302
https://publisher.tradedoubler.com/public/targetingCookieInformation.action

Request Chain 157

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Ffb0rnm5g5tn05v7grfm9umd5o6%2F HTTP 302
https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/

Request Chain 163

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-419943423911395328%26pf%3Damg%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-419943423911395328&pf=amg&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 164

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D5534732271616%26pf%3Dturn%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=5534732271616&pf=turn&st=t HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 165

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D7385421516%26pf%3Dvid%26st%3D HTTP 302
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=7385421516&pf=vid&st=nt HTTP 302
https://cdn.amgdgt.com/base/pixels/transparent.gif

Request Chain 168

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 176

https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 179

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=

Request Chain 181

https://pr-bh.ybp.yahoo.com/sync/triplelift/2028676289241410892?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883

Request Chain 182

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 183

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2028676289241410892 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t

Request Chain 184

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 187

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 189

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1

Request Chain 192

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHD2-PGrZHEfrkGs5ZO5PQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1

Request Chain 193

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972

Request Chain 195

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997

200 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
upnorthlive.com.admin-eu.cas.ms/ 1012 B
836 B 655ms
23ms Document
text/html 51.137.137.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://upnorthlive.com.admin-eu.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

4b2c7b26bc96741ad437b155a08a1c9041f449315adbce690dc7389b406fd896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: upnorthlive.com.admin-eu.cas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Sat, 10 Apr 2021 00:53:07 GMT
x-mcas-request-id: e77c05961934db9f78e0cb7189a74a20
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.196.29/js/ 5 KB
5 KB 121ms
7ms Script
application/javascript 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/js/session-context-store-helper.min.js
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://upnorthlive.com.admin-eu.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 10 Apr 2021 00:53:07 GMT
last-modified: Thu, 04 Mar 2021 10:58:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D8DEFC64751E17
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3f7fd6b0-801e-0122-4759-137cb7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=3792
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.196.29/html/ Frame A6F5 281 B
727 B 181ms
181ms Document
text/html 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com.admin-eu.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com.admin-eu.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Thu, 04 Mar 2021 10:54:11 GMT
etag: 0x8D8DEFBD7F80B80
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 617dcb6b-801e-0087-5259-1301fb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=7035
date: Sat, 10 Apr 2021 00:53:07 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.196.29/js/ Frame A6F5 64 KB
65 KB 10ms
9ms Script
application/javascript 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a55b1cbb17117e8456b5637969d4d6d7ede32d26e4abbce0afcb08476eba2028

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.196.29/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fupnorthlive.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 10 Apr 2021 00:53:07 GMT
last-modified: Thu, 04 Mar 2021 10:58:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: BzcPIa97Vbx2Zexftrl+Xw==
etag: 0x8D8DEFC642A72AE
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2549c35c-e01e-00d8-4b59-13f305000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1
x-ms-version: 2009-09-19
content-length: 65920

GET
H2 200 Primary Request / Show response
upnorthlive.com/ 518 KB
519 KB 3295ms
3271ms Document
text/html 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 8140ad7808211f9a5a88486ee37093f52e4358c6160d794cda8628611a9547a7

Request headers

:method: GET
:authority: upnorthlive.com
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://upnorthlive.com.admin-eu.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com.admin-eu.cas.ms/

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: max-age=60
content-type: text/html; charset=UTF-8
date: Sat, 10 Apr 2021 00:53:07 GMT
etag: 9d007c50-5598-4ccb-ab81-b91efda21d5a
expires: Sat, 10 Apr 2021 00:54:10 GMT
if-none-match: 9d007c50-5598-4ccb-ab81-b91efda21d5a
sbg-11: 7.6.2020T1253
sbgi-1: Production
sbgi-10: true
sbgi-5: true
sbgi-6_5: 03.13.20T1242
sbgi-6_6: 03.13.20T1242
sbgi-6_7: 03.13.20T1242
sbgi-7a: 03.13.20T1242
sbgi-9: true
sbgi-device: NoSmartphone
sbgi-protocol: https
sbgi-realpath: /renderer/upnorthlive/
sbgi-rendertime: Apr-10-2021 00:53:10
server: Apache/2.4.7 (Ubuntu)
set-cookie: laravel_session=eyJpdiI6Imt1U1kydHV6alludTZOaDUrMUhXS0E9PSIsInZhbHVlIjoiYnZzSjlkXC90Mm1pU3lZV2M4UStHSmJJTCs1ZFlQUERCVEcwTjRrT2QzZm5BdTAyUzMzM2FlY0ROK0JMamNzaFVnTjhjdWQwU0ZnSmNCb05KcXNvdmtnPT0iLCJtYWMiOiI3NjIyZTkyMDQ4Y2IxMGY3ZTM3ZTBmYjQzZWExNTVkNzYxYzNiYzk3ZmM1NWRhNDA1NjY0Y2NlODI4OTM1MmE0In0%3D; expires=Sat, 10-Apr-2021 02:53:10 GMT; Max-Age=7200; path=/; httponly

GET
H2 200 common.css
static-20.sinclairstoryline.com/resources/assets/common/fonts/open-sans/ 630 B
662 B 46ms
6ms Stylesheet
text/css 152.195.39.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static-20.sinclairstoryline.com/resources/assets/common/fonts/open-sans/common.css?_=2021-04-05T18-26Z
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: b686e3e2a293833a4692aabe20e2e61115fafc0a4df592641e07d0eefb64f484

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
age: 631
x-cache: HIT
sbgi-resource: c
x-amz-request-id: 1V9W1FQ3J4B88HNX
x-amz-id-2: Wp3PGCi3jV4mNw7G0lDPHOjpULvhqxqH0VcMnKcX7euJOp/gIblcq4xwFY15ffobssK2+eA1VS4=
accept-ranges: bytes
last-modified: Thu, 12 Apr 2018 21:07:15 GMT
server: ECS (frb/6725)
etag: "96a7ea31ff8f8fce2c4c23e349c39651+gzip"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=3600
content-length: 324
content-type: text/css
expires: Sat, 10 Apr 2021 01:53:10 GMT

GET
H2 200 privacyUtils.js Show response
static-14.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/ 6 KB
2 KB 33ms
6ms Script
application/javascript 152.195.39.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static-14.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/privacyUtils.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D6) /
Resource Hash: 0377374a761dcbc940ce09a8bddca342bf82ab59aa7e03dd290f2db39a4132ac

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
age: 367336
x-cache: HIT
x-amz-replication-status: FAILED
sbgi-resource: b
content-length: 2158
x-amz-id-2: CrXvszObT31R8Wu15DZ9dWYj8gTnG5h71sc3Qzkcw3Y3ODhmLmM/O0mdql7GpDumTmnLLOtjanM=
last-modified: Mon, 05 Apr 2021 18:42:45 GMT
server: ECS (frb/67D6)
x-amz-request-id: GAXYHQEJ6J3QVP4K
etag: "b50578d7e22cade8f7196666db297922"
vary: Accept-Encoding
x-amz-version-id: uKAI9tOWB0m5TP3ghYZfqkzY6G.ycyCp
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Apr 2022 00:53:10 GMT

GET
H2 200 ads.js Show response
static-17.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/ 347 B
640 B 34ms
6ms Script
application/javascript 152.195.39.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static-17.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/core/shared/ads.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 1666b41d1d6fb7ba772113768f30b4b59a7494633f656ff4b12fe2a410c6c9ee

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
age: 367336
x-cache: HIT
x-amz-replication-status: FAILED
sbgi-resource: b
content-length: 244
x-amz-id-2: /N2wplq/WtxsYuak0KrSOceoy9oMuRUhvS4RbEByoPdrGqSkaaUAR3z58nc5kKMa7vcqXCsoYcU=
last-modified: Mon, 05 Apr 2021 18:42:40 GMT
server: ECS (frb/675D)
x-amz-request-id: GAXY7HSXD5PW4VBS
etag: "05c0c76ac74869e90bd410e8300d42e5"
vary: Accept-Encoding
x-amz-version-id: 73Rc7fKg1ejXp491GMAkpoI4APvcJ5y3
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Apr 2022 00:53:10 GMT

GET
H2 200 player.js Show response
upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/ 7 KB
3 KB 7ms
6ms Script
application/javascript 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 7f48469648e59b2f575ad2ae883c9627e1956540594edc21aacf991f85d84bd3

Request headers

Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
sbgi-5: true
age: 92142
sbgi-13: d
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-qs: _=2021-04-05T18-26Z
sbgi-9: true
content-length: 2378
x-amz-id-2: wqYZQTk/gWX/eCI1neZIqofPI8RZkJkzlLxe6MMqsGbKIUgBClwMfQPcwGqx+sqeS6dP9Fk7wtI=
sbgi-protocol: https
sbgi-10: true
last-modified: Wed, 24 Mar 2021 23:19:28 GMT
server: ECS (frb/6794)
etag: "00fb2c21c0e6e80e523134fc454fcfec+gzip"
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
x-amz-request-id: 3P4D04VRHSN6PBAC
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=604800
x-amz-version-id: SBbuyIXFife8L45vlZo4.9uiU9322DAb
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
content-type: application/javascript
expires: Sat, 17 Apr 2021 00:53:10 GMT

GET
H2 200 widget.js Show response
sinclairstoryline.com/resources/defaults/userway/ 1 KB
1 KB 367ms
90ms Script
application/javascript 192.229.163.105
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-04-05T18-26Z
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D05) /
Resource Hash: 8ff62030ec15826d5df76673030a7722e255ccd09fe2de0fb04c5018f5e02689

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
sbgi-ssl-all: 0Min
age: 21737
x-cache: HIT
sbgi-fm-mb: NIE
content-length: 676
x-amz-id-2: oBE+HqNmLoEQfQ3J6+GDEl9T4TS3Q26p6PL+/hY4q0USRh1b2GX/pc/0M1IyB8u0vWukqQvB2Fg=
sbgi-bypass-cache-cookie: SPA
last-modified: Mon, 08 Feb 2021 18:25:06 GMT
server: ECS (nyb/1D05)
cache-control: max-age=3600
etag: "6b60b57afed873c7118f08185b5e2ded+gzip"
vary: Accept-Encoding
x-amz-meta-replication-status: FAILED
x-amz-request-id: 7V8RZS81WGJZQ01H
access-control-allow-origin: *
sbgi-security: StorylineApplication
x-amz-version-id: LERj_HbTvhAdKINBta1Q1N.8IrmgQ11H
x-amz-meta-version-id: 6n3msFMhAfCO.VxzkWYc3kd2tATtZkdZ
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 10 Apr 2021 01:53:11 GMT

GET
H2 200 lightbox_sinclair.js Show response
www.lightboxcdn.com/static/ 6 KB
3 KB 37ms
19ms Script
application/x-javascript 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/lightbox_sinclair.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0d17e305184462011635445935a531dc59d96d27365188bf15122252ef6c30

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: C7dbFkbDxOGaBExAcWWwuA==
age: 22504
cf-polished: origSize=7047
x-ms-meta-cbmodifiedtime: Fri, 09 Apr 2021 18:36:20 GMT
last-modified: Fri, 09 Apr 2021 18:37:56 GMT
cf-request-id: 095addcc76000097a2e38d8000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: 00ae1db9-c01e-00fc-046f-2d6b5e000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 63d7ff272bb597a2-FRA
expires: Sun, 10 Apr 2022 00:53:10 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/sinclair/ 40 KB
14 KB 21ms
6ms Script
application/javascript 65.9.66.85

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/op.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 747bc8ae0549fa92f0014a533d517ba9c0019a02b90a50617450fcf409d2e2d7

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: blATe71MBhTyeWv_g.NlfjNrREqeF_f8
content-encoding: gzip
etag: "36422be4c3b1f92bafede6cd12fbbc82"
age: 821
x-cache: Hit from cloudfront
content-length: 14247
x-amz-meta-git_commit: 49c6f47
last-modified: Fri, 09 Apr 2021 20:47:30 GMT
server: AmazonS3
date: Sat, 10 Apr 2021 00:39:30 GMT
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: CKJC-Lllg4A143GPl7YbOMLSJMCUJbYdGAA90ql1xXnjCZa2QGFN4Q==

GET
H2 200 presentations-home_v1.min.css
static-22.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_css/ 367 KB
42 KB 37ms
6ms Stylesheet
text/css 152.195.39.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static-22.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_css/presentations-home_v1.min.css
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: d271475996f1116e769492318370e47c2c3bd8b31f76af2bab2398a443025012

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
age: 322463
x-cache: HIT
x-amz-replication-status: FAILED
sbgi-resource: b
content-length: 43051
x-amz-id-2: 5NGfawS2usayXHOJWqdHwiyrGudP0b3RfaL31VoZW3WjBWdGzhq4zYdCV+7qNw0XM0JfKWYFxZ0=
last-modified: Mon, 05 Apr 2021 18:42:35 GMT
server: ECS (frb/6772)
x-amz-request-id: HA1KCDRMX47FD6RA
etag: "cb25e7b79cc747f3828fc69b800a9e92"
vary: Accept-Encoding
x-amz-version-id: 55o3Y.WR_bvyN6cdY0ySjXKOCSc9h3dO
cache-control: max-age=31536000
accept-ranges: bytes
content-type: text/css
expires: Sun, 10 Apr 2022 00:53:10 GMT

GET
H2 200 presentations-home_v1.min.js Show response
static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/ 1 MB
403 KB 42ms
10ms Script
application/javascript 152.195.39.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 9d70c582c2d363673895b9ecaca7073d1551922cec23e54741c2aac192180c7d

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
age: 322463
x-cache: HIT
x-amz-replication-status: FAILED
sbgi-resource: b
content-length: 411722
x-amz-id-2: 1a7aIguDI7ImpdYpaIeGd3/Y9tpqPcw/Z8gippRNi6nI2c9FCD5XJjdyt5FMfCU1PioceSJw/5Q=
last-modified: Mon, 05 Apr 2021 18:42:42 GMT
server: ECS (frb/67BE)
x-amz-request-id: HA1QXGE6FGGQJ4ZM
etag: "d729877d4f0cf67ce9e8a0f7c41d9759"
vary: Accept-Encoding
x-amz-version-id: 7ikYQpIK7_W8DKECO8xwe2Uwj9WVq2Nf
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Apr 2022 00:53:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800

Requested by

Host: static-20.sinclairstoryline.com
URL: https://static-20.sinclairstoryline.com/resources/assets/common/fonts/open-sans/common.css?_=2021-04-05T18-26Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ef50a13371119fd9955296ba0de5395196888719ea9b2954817329b4f4bf66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static-20.sinclairstoryline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 22:54:07 GMT
server: ESF
date: Sat, 10 Apr 2021 00:53:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 00:53:10 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 58ms
35ms Script
text/javascript 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.74.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-74-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4de849272e972f7e1c1e63a27b30431024b425886fc348b69dc7ce13f354fde0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 3510
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: 9h17FrVViotmUEJK-qJNadJfvvSN0naQjky2YklqrggY2TfMXP1juA==
expires: Sat, 10 Apr 2021 01:53:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3851
date: Fri, 09 Apr 2021 23:48:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 10 Apr 2021 01:48:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
31 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4DLR7K&l=sinclairDigitalGtmData

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be5b8c67c012c59243ec6a8975702e7eb6dce00b045b29a0f0e70dce8c969ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31899
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 10 Apr 2021 00:53:10 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 22ms
7ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 11 Apr 2021 00:53:10 GMT

GET
H2 200 player.config.json Show response
upnorthlive.com/resources/video/players/prod/player-configs/config/ 3 KB
982 B 7ms
6ms Fetch
application/json 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/player-configs/config/player.config.json
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: bd2b00335c6b8119de2825b310cbc2fbebb2db78ce8fa0df327befc183c453a4

Request headers

Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
sbgi-5: true
age: 92214
sbgi-13: d
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-9: true
content-length: 735
x-amz-id-2: jXF9Jo+DLzczrG+Zjgm1zE9bInfU232V44ABbjS0xaX37fOYMb3XUWVUZdv0bapz9fcCyw21TBE=
sbgi-protocol: https
sbgi-10: true
last-modified: Tue, 06 Apr 2021 22:32:23 GMT
server: ECS (frb/6793)
etag: "5ecbfc4d2d6d0a995389ef5a758385c3+gzip"
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
x-amz-request-id: 802QWN93K58GNS4N
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=604800
x-amz-version-id: BhpRjX1NJDXwEalNMrNTfN1wjd.p_oZD
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
content-type: application/json
expires: Sat, 17 Apr 2021 00:53:10 GMT

GET
H2 200 jwplayer.js Show response
upnorthlive.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.18.4/ 112 KB
37 KB 9ms
6ms Script
application/javascript 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.18.4/jwplayer.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6739) /
Resource Hash: 929ad20bec867ac8b707cab1390cd2af02c4dde55d0967a6050ccddc29c696fa

Request headers

Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
sbgi-5: true
age: 92214
sbgi-13: d
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-9: true
content-length: 37354
x-amz-id-2: /So7uwc5aB8VkCeJA05wlg8UUdSjmE7C89G0rVHN6FyY+o1U5EdkjNQBeYb0YcFwl4PIxeEn3Ps=
sbgi-protocol: https
sbgi-10: true
last-modified: Wed, 27 Jan 2021 18:05:48 GMT
server: ECS (frb/6739)
etag: "6505a92df4a2368b1b7d5e34d60a1240+gzip"
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
x-amz-request-id: 802WWNV6RR5XA16H
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=604800
x-amz-version-id: _FpsJke6J97y8W1hZBRXI1ybnyKp0eHZ
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
content-type: application/javascript
expires: Sat, 17 Apr 2021 00:53:10 GMT

GET
H2 200 bundle.js Show response
upnorthlive.com/resources/video/players/prod/dist/1.4.16/ 173 KB
30 KB 8ms
7ms Script
application/javascript 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/dist/1.4.16/bundle.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/jwplayer/player.js?_=2021-04-05T18-26Z
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: a8887f5de93bb873789859f8f687910c0d1507c6d6ced9a7ae9ebde454c16e40

Request headers

Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
sbgi-5: true
age: 92214
sbgi-13: d
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-9: true
content-length: 30521
x-amz-id-2: 4P3DaAOm6mtqPOToXcFI5xjJGujoYeHmI6P+lDE2H+mybwBbg/im1+qZC35KJ6mNcvqLMqDbL5M=
sbgi-protocol: https
sbgi-10: true
last-modified: Tue, 06 Apr 2021 22:47:15 GMT
server: ECS (frb/6738)
etag: "6469c5e0a3e1748e88b98db591a70ecb+gzip"
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
x-amz-request-id: 802M393YN3V0ZZVE
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=604800
x-amz-version-id: xayV6hw7gGbVoyaq9bDkDWbPwUj2E7Kh
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
content-type: application/javascript
expires: Sat, 17 Apr 2021 00:53:10 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 14
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 10 Apr 2021 01:52:56 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 26ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 23:24:36 GMT
Server: ECS (frb/673A)
Age: 1402
Etag: "c6906b2e1894558795b131fc4eee41cf+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28673

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 50ms
17ms Script
application/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 22:11:27 GMT
content-encoding: gzip
server: Server
age: 9703
etag: 9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id: fK5OOMZ3fMDv9nLdEU-3Q5RYioqYwQ5qQ_4yaaRZXOadWBRWPtI93g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5a36ac4a5dd24ed420fe399ad8ac785f6d324f02751214530ba131f1a2b9c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "838 / 671 of 1000 / last-modified: 1618006165"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20877
x-xss-protection: 0
expires: Sat, 10 Apr 2021 00:53:11 GMT

GET
H/1.1 200
OK 21162_WLOS_WPMI_Sinclair_DM.js Show response
ads.rubiconproject.com/prebid/ 421 KB
106 KB 22ms
7ms Script
text/javascript 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Requested by: Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 59e99e604fc499733fd4dc9d7a2892de11f995834ddd3a9141c968f71f5ecf5e

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 20:47:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=12088
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108603
Expires: Sat, 10 Apr 2021 04:14:39 GMT

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 20 KB
5 KB 160ms
159ms XHR
application/json 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com/news/local&limit=8
Requested by: Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (sjc/4E5D) /
Resource Hash: 44db3e0e87a37f05946e03c556f652a6bd2b278865b79205df01642427bf3700

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sbg-tag-location: Found
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
sbgi-5: true
age: 33
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-19: true
sbgi-qs: section=upnorthlive.com/news/local&limit=8
sbgi-9: true
content-length: 4671
sbgi-protocol: https
sbgi-10: true
last-modified: Sat, 10 Apr 2021 00:51:38 GMT
server: ECS (sjc/4E5D)
etag: c9e3450b-997b-11eb-a12b-0629df1e01f2
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=60
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
expires: Sat, 10 Apr 2021 00:54:11 GMT

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 22 KB
5 KB 162ms
162ms XHR
application/json 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com/news/coronavirus&limit=8
Requested by: Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (sjc/4E30) /
Resource Hash: 9b78db6cb4331fe0399147b9c80d6803519842f96c929e6fb0b0ef6a3f11a6ed

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sbg-tag-location: Found
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
sbgi-5: true
age: 4
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-19: true
sbgi-qs: section=upnorthlive.com/news/coronavirus&limit=8
sbgi-9: true
content-length: 4895
sbgi-protocol: https
sbgi-10: true
last-modified: Sat, 10 Apr 2021 00:52:05 GMT
server: ECS (sjc/4E30)
etag: d1b2f1ee-9985-11eb-a12b-0629df1e01f2
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=60
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
expires: Sat, 10 Apr 2021 00:54:11 GMT

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 79 B
448 B 164ms
163ms XHR
application/json 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.comhttp://compulse.dailydealbuilder.com/traverse-city-wpbn/deals%20&limit=8
Requested by: Host: static-21.sinclairstoryline.com
URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (sjc/4E8C) /
Resource Hash: 7a7775f415fea31da2a36fc90e41377336c6d58d9b3e6e12654ff39637ae826e

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sbg-tag-location: random
date: Sat, 10 Apr 2021 00:53:11 GMT
sbgi-6_7: 03.13.20T1242
sbgi-5: true
age: 9
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-19: true
sbgi-qs: section=upnorthlive.comhttp://compulse.dailydealbuilder.com/traverse-city-wpbn/deals%20&limit=8
sbgi-9: true
content-length: 79
sbgi-protocol: https
sbgi-10: true
accept-ranges: bytes
last-modified: Sat, 10 Apr 2021 00:53:02 GMT
server: ECS (sjc/4E8C)
etag: 3de3e030-f173-4ab0-93ec-21a5b12a69e7
sbgi-6_6: 03.13.20T1242
content-type: application/json
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=60
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
expires: Sat, 10 Apr 2021 00:54:11 GMT

GET
H2 200 sbg-search-dark.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
772 B 7ms
6ms Image
image/svg+xml 152.195.39.7
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-search-dark.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: 0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7

Request headers

Referer: https://upnorthlive.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
sbgi-5: true
age: 92207
sbgi-13: d
sbgi-7a: 03.13.20T1242
sbg-11: 7.6.2020T1253
x-cache: HIT
sbgi-6_7: 03.13.20T1242
sbgi-9: true
content-length: 505
x-amz-id-2: jSJ/X3yFXGBHqO2u6/7JDkc7XnT8Co2h5KThwoNCemlkxYZ2vCaZ7aqgsZ6Vbrztrg4Q5c8mcI4=
sbgi-protocol: https
sbgi-10: true
last-modified: Thu, 15 Mar 2018 21:32:07 GMT
server: ECS (frb/67C2)
etag: "862efb8df1ddd592a2c16d71d54fad00+gzip"
sbgi-6_6: 03.13.20T1242
vary: Accept-Encoding
x-amz-request-id: 6601QWXSE3SYHC16
access-control-allow-origin: *
sbgi-device: NoSmartphone
cache-control: max-age=604800
x-amz-version-id: null
sbgi-1: Production
sbgi-6_5: 03.13.20T1242
content-type: image/svg+xml
expires: Sat, 17 Apr 2021 00:53:11 GMT

GET
H2 451 710259.gif
idsync.rlcdn.com/ 0
66 B 27ms
13ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/710259.gif?partner_uid=b6ee8c35-a919-4e9b-98b3-57f8c81cc16e
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnor...
https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupno...

0
528 B

17ms
17ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&cs_ak_ss=1
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:11 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=19578925&ns__t=1618015991225&ns_c=UTF-8&cv=3.5&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c7=https%3A%2F%2Fupnorthlive.com%2F%3F&c9=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:11 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/ 326 B
451 B 17ms
17ms Script
application/javascript 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/lightbox.js?cb=1618015991241
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/static/lightbox_sinclair.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1ab55a824da62adbbcda89e11372c836f1c9bb6eb9fae920b43ff8441528b514

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 717
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 63d7ff294bf497a2-FRA
cf-request-id: 095addcdcb000097a2eb27f000000001

GET
H2 200 v1.7-1745 Show response
consent.trustarc.com/asset/notice.js/v/ 70 KB
23 KB 20ms
6ms Script
text/javascript 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1745
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 535e3c7d266c5878e9ebfe4acef027d54381cee300a85214f522ce4af1ea4620

Request headers

Origin: https://upnorthlive.com
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:21:40 GMT
content-encoding: gzip
age: 1891
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Thu, 8 Apr 2021 09:56:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: aw6CHMwqkbuR3IJP96xJQ28bvqf1yLMrx5QtruvkNGBjIvVDsHbcJg==
expires: Mon, 10 May 2021 00:21:40 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
383 B 34ms
33ms Image
image/gif 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=sbgi.net&country=de&state=&behavior=expressed&c=8af6
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: jWhFgHw-XQL1FVFNP0__P4Irz-2wZAwL2yKomjhEMHkW_mKrcA0qrw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html Show response
platform.twitter.com/widgets/ Frame 469F 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fupnorthlive.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upnorthlive.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 85428
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Apr 2021 00:53:11 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Mon, 05 Apr 2021 23:22:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668B)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ 296 KB
104 KB 33ms
14ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Sat, 10 Apr 2021 00:53:11 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 140ms
139ms XHR
text/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Fupnorthlive.com%2F%3F&pr=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&pid=1pu90AOZTZGd5&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
via: 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HAM50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: fsnaynBPnjD_LrHQ6eNaW-P_SRR84hxBwNOxu3CR2JkBBvaFYutEYA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 50ms
16ms XHR
application/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 64086
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Fri, 09 Apr 2021 07:05:06 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6c080b1173adbaa14122fac10a76a7c7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: ejin99FIlUuDh_LHZiIkY35kqcLWkYHhxTGrTA1H5vGczNP7pMK_Vw==

GET
H2 200 widget_app_base_1612278999697.js Show response
sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/ 77 KB
22 KB 90ms
90ms Script
application/javascript 192.229.163.105
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Requested by: Host: sinclairstoryline.com
URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-04-05T18-26Z
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0D) /
Resource Hash: 1a53825329f39e7b0723e96298beb500daad40964d9dfeffbeb08d73686cfcaa

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
sbgi-ssl-all: 0Min
age: 13169
x-cache: HIT
sbgi-fm-mb: NIE
content-length: 21927
x-amz-id-2: 55VAgqJEAuccvK1otusWxHWsh5HVhcMhJE+5Ki5aDuEY0HSJ3Rzz7iIU9Lvt4O5wIdKWcaAZkLk=
sbgi-bypass-cache-cookie: SPA
sbgi-t2ag: MB
last-modified: Mon, 08 Feb 2021 18:25:15 GMT
server: ECS (nyb/1D0D)
cache-control: max-age=3600
etag: "028719a81fba10cd481f5ecc4d477fa4+gzip"
vary: Accept-Encoding
x-amz-request-id: BHM6F36TFPK3J5K4
access-control-allow-origin: *
sbgi-security: StorylineApplication
x-amz-version-id: aehjJ1q64S7GP_BXmpdj_tilaAyNMxpO
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 10 Apr 2021 01:53:11 GMT

GET
H2 200 b-49c6f47-b751c7c8.js Show response
tagan.adlightning.com/sinclair/ 69 KB
23 KB 8ms
6ms Script
application/javascript 65.9.66.85

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-49c6f47-b751c7c8.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe7194ba101f7c3ec76c6367fe1c8c64add38d5c422ecc135a96fafbc897160

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 20:23:38 GMT
content-encoding: gzip
age: 361774
x-cache: Hit from cloudfront
content-length: 23075
x-amz-meta-git_commit: 49c6f47
last-modified: Mon, 05 Apr 2021 20:22:07 GMT
server: AmazonS3
etag: "4d6d0929d0c1672ca090c81f88448f1e"
x-amz-version-id: xF0d1fnd3Ds_BfIFVB1Z0Z_kkyk9Dpz9
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: TpDtbjHRBg1aFqb8MYl8X3HPbVaOZOdX-T9KvkCpMWvUFKG7gYE2hg==

GET
H2 200 bl-49c6f47-4dc853a6.js Show response
tagan.adlightning.com/sinclair/ 50 KB
16 KB 7ms
6ms Script
application/javascript 65.9.66.85

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-49c6f47-4dc853a6.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d825f9395d9d9ef4ce659f3bdaf62647257cbfed59b499103ce2e11e5e31babb

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 21:03:56 GMT
content-encoding: gzip
age: 13756
x-cache: Hit from cloudfront
content-length: 16093
x-amz-meta-git_commit: 49c6f47
last-modified: Fri, 09 Apr 2021 20:46:36 GMT
server: AmazonS3
etag: "c4b7245da406428d45a01d3d9d0aca1d"
x-amz-version-id: YpRdllBAA34qpkilygaJlcLQAMZkCAdO
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: VCuczwbhCxkFdBVah1XtQFC7LiH2JLG2qABKXRAwzfdKwD5_3lvUQA==

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/ 635 KB
127 KB 37ms
37ms Script
application/javascript 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/user.js?cb=637533257337135497
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/lightbox.js?cb=1618015991241
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 900deb659d8e49f0613e796f4fe8b23f796b1fb4e827cc258a7f00f099a6ab50

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: L/BN/eZ+gRzFjliQK8MOzA==
age: 285217
cf-polished: origSize=1082113
last-modified: Tue, 06 Apr 2021 17:08:54 GMT
cf-request-id: 095addce19000097a2e0aae000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 12a70886-d01e-00ac-5b0b-2b7456000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 63d7ff29cc0297a2-FRA
expires: Sun, 10 Apr 2022 00:53:11 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame A66E 5 KB
2 KB 51ms
16ms Document
text/html 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Thu, 08 Apr 2021 02:56:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 09 Apr 2021 16:22:41 GMT
etag: W/"5147-1617850560000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 754Cbpz4GzTHjO1njXzzEj0Y_TYmW_oQUXyeLrSvywvwL6MJfg7PeQ==
age: 30685

GET
H2 200 transparent.png
consent.trustarc.com/asset/ 95 B
468 B 7ms
6ms Image
image/png 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/asset/transparent.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 10 Apr 2021 00:05:10 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
last-modified: Thu, 24 May 2018 00:46:39 GMT
server: nginx
age: 2881
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 95
x-amz-cf-id: wbBFjqnP7GoryQIbBSMzFAp_Tf2i0G8hjVxFr8dz9_UzR5GDbHu9LQ==
expires: Mon, 10 May 2021 00:05:10 GMT

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
475 B 66ms
66ms Image
image/gif 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=sbgi.net&behavior=expressed&country=de&language=en&rand=0.9804564233362161

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.74.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-74-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: cbKYgLKb47m9aN_-SL_dM4JVYsH0urM94AoxeDQ68B1N4ycWD5tDrw==
expires: Sat, 10 Apr 2021 01:53:11 GMT

GET
H2 200 trans.png
consent.trustarc.com/asset/ 923 B
1 KB 6ms
6ms Image
image/png 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/asset/trans.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 10 Apr 2021 00:47:04 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
last-modified: Thu, 24 May 2018 00:46:39 GMT
server: nginx
age: 367
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 923
x-amz-cf-id: WpGsY0CzrMoeFb1R4voVXcUSelSc2qt4rzj6M0Km4YkkG4z5To5bLA==
expires: Mon, 10 May 2021 00:47:04 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Apr 2021 01:23:24 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=224697501&t=pageview&_s=1&dl=https%3A%2F%2Fupnorthlive.com%2F&dr=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&ul=en-us&de=UTF-8&dt=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAAC~&jid=888132869&gjid=1955732659&cid=471698960.1618015991&tid=UA-12096981-13&_gid=1609138866.1618015991&_r=1&_slc=1&cd6=home&cd1=Unregistered&cd2=Unsubscribed&cd3=471698960.1618015991&cd4=false&cd7=standard-teaser&z=740965518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 469F 183 B
411 B 134ms
119ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=054f7bfabc66009cb01e93f8a11c232f31bd2aac

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fupnorthlive.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 112
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
last-modified: Sat, 10 Apr 2021 00:53:11 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 1b566ebadc2f29ff6073735136ebee6d
strict-transport-security: max-age=631138519
content-length: 152

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-12096981-13&cid=471698960.1618015991&jid=888132869&gjid=1955732659&_gid=1609138866.1618015991&_u=aGBAAEIgAAAAAC~&z=1095020802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Apr 2021 00:53:11 GMT
content-type: text/plain
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 18ms
18ms Stylesheet
text/css 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637533257337135497
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 285215
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id: 095addce9c000097a2f982e000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: ac3fb7e2-401e-0003-4f0b-2b56c6000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 63d7ff2a9c1497a2-FRA
expires: Sun, 10 Apr 2022 00:53:11 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/43195/upnorthlive.com/jsonp/ 443 B
733 B 491ms
115ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/43195/upnorthlive.com/jsonp/z?cb=1618015991460&callback=jQuery17106447108731161806_1618015991444&_=1618015991461
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d9cd2986-06c3-404c-a269-64794c4812e1/user.js?cb=637533257337135497
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1833036e59f595f3007bd6c8797572b435a64348a7db76e80a2f1b51d3a78edd

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
285 B 16ms
16ms Image
image/gif 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1618015991450&h=upnorthlive.com&e=p&u=43195
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 10 Apr 2021 00:53:11 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1818309
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
cf-request-id: 095addcea8000097a2eeb38000000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: fea83bb3-001e-000f-6618-dbb837000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d7ff2aac1797a2-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 5 KB
2 KB 39ms
39ms Script
application/javascript 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-8.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: ded567f565b246426e50cdff9cea1d2854ddd6e834c2fc632f5344f968558d4a

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:56:18 GMT
server: nginx
x-amz-cf-pop: HAM50-C1
etag: W/"4867-1617850578000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: wJ4D0c6qoon7RQ6Y4D35QxKqrLLoySs4yjHX00MtfrtFunokeqgLMA==
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires: Sat, 10 Apr 2021 00:53:10 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame A66E 20 KB
5 KB 50ms
15ms Script
text/javascript 52.222.179.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-127.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 31 Mar 2021 04:44:19 GMT
content-encoding: gzip
server: nginx
age: 850132
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C1
timing-allow-origin: *
x-amz-cf-id: EatMc6wdecHQuR4CC-kUsWBXiH7wopCzd8Z0G5v771WETFWXX7b5BQ==
via: 1.1 b601b11612dbb318dc18b8b7062715df.cloudfront.net (CloudFront)
expires: Fri, 30 Apr 2021 04:44:19 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame A66E 3 KB
3 KB 16ms
15ms Image
image/gif 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:19:50 GMT
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 02:56:00 GMT
server: nginx
age: 52402
etag: W/"2608-1617850560000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: r7Krhm0Ea86gjlDANcTlEfgWLxPP-dDJ2vTtZQ-ESdeteQjSO3jrjA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-12096981-13&cid=471698960.1618015991&jid=888132869&_u=aGBAAEIgAAAAAC~&z=1847570359

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-12096981-13&cid=471698960.1618015991&jid=888132869&_u=aGBAAEIgAAAAAC~&z=1847570359

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://upnorthlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://upnorthlive.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1730
date: Sat, 10 Apr 2021 00:53:10 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 59ms
59ms XHR
text/javascript 52.85.32.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Fupnorthlive.com%2F%3F&pr=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&pid=1pu90AOZTZGd5&cb=1&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-122.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
via: 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HAM50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 6sz69Nhz_RQ6Fs8gAbsCo1fYjJKfzDk7Y-jwoKqV3GjSGz8eK8Xbig==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1
https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q2...

350 B
633 B

45ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6dd5817d84d64a910ccbf4eec4cad7c00e948f0ba85483639e3d6d6b4282f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 10 Apr 2021 00:53:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2151
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 10 Apr 2021 00:53:11 GMT
location: https://mug.criteo.com/sid?cpp=97f10nxYdXdDcDc0WEtKTC9EVDVUTDRVY2dJVXBKSTQ0WUJERFlKOENKQ1lQN21Kdi9YL3R5c25KazhyTlAvVUJCM0ZlSGs3cFFneGNrM0l6bjN3VVdmUkhXQjI0OXh2ZkJoMVErTkN2RGx6Q2REaCtQYlgxWGRYWVA1Q250Rm43ZXBBMU5zM3hvZitWRWpDY1J3QS9mSG5BTkI2ZlF5d0trblVLQjZhSGtKNlB5UzBVd3JOWCtHdUJLbjkzZ2hLL2tFTGM5N3N5VnQzeEdiZzZHQlkzNXZIZ21RZ3ZIMFhzZk1BaTZzZjJ4cTZFZGZrPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3773
content-length: 482
expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 99ms
35ms XHR
text/plain 52.209.12.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.29.0&p=%5B%7B%22placement_id%22%3A%22banner_pos1_ddb_0%22%2C%22callback_id%22%3A%222fc689491a8f59%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22banner_pos2_ddb_0%22%2C%22callback_id%22%3A%223c05583efe5095%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22banner_pos3_ddb_0%22%2C%22callback_id%22%3A%22481eb937bad345%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22banner_pos4_ddb_0%22%2C%22callback_id%22%3A%225677a064d886c4%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos1_ddb_0%22%2C%22callback_id%22%3A%2265639936150ea%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos2_ddb_0%22%2C%22callback_id%22%3A%22749661af04b2ed%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos3_ddb_0%22%2C%22callback_id%22%3A%2280170ac3c5e542%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos4_ddb_0%22%2C%22callback_id%22%3A%229b4570bf883327%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%2C%7B%22placement_id%22%3A%22rightrail_pos5_ddb_0%22%2C%22callback_id%22%3A%221066d9f1a7fc19b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222675509707325513893%22%7D%5D&page_url=https%3A%2F%2Fupnorthlive.com%2F%3F&bust=1618015991510&pr=https%3A%2F%2Fupnorthlive.com%2F%3F&scrd=1&dnt=false&description=WPBN%20offers%20news%2C%20sports%2C%20weather%20and%20items%20of%20local%20interest%20in%20Traverse%20City%2C%20Michigan%20and%20nearby%20towns%2C%20including%20Frankfort%2C%20Beulah%2C%20Interlochen%2C%20Kingsley%2C%20Garfield%20Township%2C%20Glen%20Arbor%2C%20Suttons%20Bay%2C%20Kalkaska%2C%20Kingsley%20and%20Manton%2C%20Michigan.&title=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.12.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-12-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://upnorthlive.com
pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
250 B 53ms
21ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=10400161762
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 44

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
622 B 24ms
7ms XHR
application/json 18.195.221.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.29.0&referrer=https%3A%2F%2Fupnorthlive.com%2F%3F&tmax=1200

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.221.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-221-58.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
x-auction-status: 12, 12, 12, 12, 12, 12, 12, 12, 12
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 330 B
539 B 37ms
22ms XHR
application/json 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU34Q8WJ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-22.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fc4611877a14e1b951878b90c5f369789b44ecda5d8b3c9ae231df83432fb898

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
server: nginx
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://upnorthlive.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 330
expires: Sat, 10 Apr 2021 00:53:11 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
373 B 29ms
14ms XHR
application/json 104.108.48.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=472733&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22417db88e2abde5b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F%22%2C%22page%22%3A%22https%3A%2F%2Fupnorthlive.com%2F%3F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22428ad750905d7dc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2243866108e21d5b9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22440ca4ae0025e01%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224535998b7eb8d1f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472733%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2246ae54eb2ed3a58%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224755f22d9c7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224868e4f1268494a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224967771cb4c3bd3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250cea54d826d4f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251a8ed6e027ed7d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2252125392e83704c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22548488ea5f57f61%22%2C%22ext%22%3A%7B%22siteID%22%3A%22472734%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-48-61.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b4dceaafa67e075e941f080e2fa84378b602fdbaba191913dfd0111eea1ca04b

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://upnorthlive.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Sat, 10 Apr 2021 00:53:11 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1 KB
9 KB 79ms
37ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21162&site_id=303064&zone_id=1525856%3B1525856%3B1525856%3B1525856%3B1525858%3B1525858%3B1525858%3B1525858%3B1525858&size_id=2%3B2%3B2%3B2%3B15%3B15%3B15%3B15%3B15&alt_size_ids=%3B%3B%3B%3B10%3B10%3B10%3B%3B&p_pos=%3B%3B%3B%3Batf%3Batf%3Batf%3Batf%3Batf&rf=https%3A%2F%2Fupnorthlive.com%2F%3F&tg_i.aupName=WPBN%26banner_pos%26page%3Dhome%3BWPBN%26banner_pos%26page%3Dhome%3BWPBN%26banner_pos%26page%3Dhome%3BWPBN%26banner_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome%3BWPBN%26rightrail_pos%26page%3Dhome&tg_i.dfp_ad_unit_code=4756%2FWPBN%2FWeb%2Fhome&tg_i.pbadslot=4756%2FWPBN%2FWeb%2Fhome&tk_flint=dmpbjs_v4.29.0&x_source.tid=770f4a32-240e-44ae-aa84-7e9795e225bb%3Ba74387a8-3cb0-4207-b4b5-2bb367fc8fdc%3B08c15665-841f-47b3-a5b5-f460d22aaabd%3B037b1e78-1bae-48ad-a31f-1b1f9b859668%3B61aca6fe-f377-4590-bcc3-877442b359e0%3Bc204185f-d370-44a4-a38a-cce34f82bc2e%3B28bb7fa5-742d-4d2c-acce-84d912878d08%3B4fbe1d0d-fa8f-4da1-921d-98d68ed9e8b3%3Bb7575a99-e005-482e-8b6b-644ecabb8587&p_screen_res=1600x1200&rp_secure=1&slots=9&rand=0.8364949838330555
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 484f8c448bb3aadb57ec2d3836c4471900590d84ab7670d5402e743d81877418

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:11 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://upnorthlive.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 457
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
741 B 38ms
12ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:11 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: 652de604-0239-4ff6-9a34-bed65f615106
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://upnorthlive.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
630 B 276ms
88ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 8d82795f917e756769f17cf910877d2fba99a8452fa30277e9c3e5448ea8a683

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
633 B 277ms
89ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 2c2ae74cd960162eb7e7ea977f36e533c9c33a56bce6a5f8398aae1b64d20c8a

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
627 B 276ms
89ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: cf397f2edeaa198aa0b9dcd6b6ecb5196e2c7d7feec2a0b582ab00167c3d16c7

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
642 B 363ms
176ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cXBL-QECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 5d6ab03b7edd684c42260cfc1d148cd5b93e3211510f76fa46a222bc710100c1

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
632 B 359ms
172ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 131f41b108db39cd46531df1395910462310f8e90ebf4b497585febad5dd0861

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
628 B 358ms
172ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: fa4d3670359e679267952d9e9c3df429eb537919387aabde80ef9de871a2e5fc

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
631 B 358ms
172ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: c578d93bd6243796ab26121da301fbed5ab6cd4732f64c655b1d61d2c3d718ca

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
639 B 275ms
89ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: d78fe450f8b2ca0f9ffe638799c566507285b1eea78c36badf86e3b656245ba7

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
630 B 359ms
173ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=c0L0awECOr6OoraKlId8sQ
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-43-22.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 6fe051207d5e3a4069984f25ddd5546ef03cc0ccb60c5d13c6b8ba5609991f1b

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true

POST
H2 200 Y5xBOvHNhv Show response
api.userway.org/api/tunings/ 776 B
813 B 497ms
166ms XHR
application/json 52.13.120.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/Y5xBOvHNhv
Requested by: Host: sinclairstoryline.com
URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.13.120.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-13-120-19.us-west-2.compute.amazonaws.com
Software: _ / Express
Resource Hash: 2835a99da0b9f083bc588b75a135ffc8fc5aa5eeaca1ec837cafadd821717975

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
etag: W/"308-vU/Y9MyXseLon6odlI/aJFmGjms"
server: _
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-headers: Authorization,Origin,X-Requested-With,Content-Type,Accept,Cache-Control,If-Modified-Since,Pragma,X-Auth-Language,X-Auth-Token,X-Spl-Token
expires: Sat, 10 Apr 2021 00:53:11 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 49ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 989
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 4A62F2686478BAE800EFF19D5EB3C2E8.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CEA3 140 KB
46 KB 17ms
17ms Document
text/html 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-8.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 3b416a15d3dc9e914a04ddad4ed898c67db545111ec2334b6daec8c651bdfad0

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 08 Apr 2021 10:19:49 GMT
server: nginx
etag: W/"143674-1617850578000"
last-modified: Thu, 08 Apr 2021 02:56:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: pL_hJLJm7xTwiWjd022ZPEkpomvG9oaYx7V91n4GjcrAJEztns7SoQ==
age: 138802

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 969 B
824 B 61ms
61ms XHR
application/json 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 465
x-xss-protection: 1; mode=block
x-amz-cf-id: vckykbe-rBEX2OV2rva9sXAY46N9GytCZrSiuXNZf5PXljhNr5AaDQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 48 B
389 B 39ms
39ms XHR
application/json 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

4fe12fff404827bb3cc449c4c426209178b1c861ec48cdaa6858e0fe9f0f7a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: Oui3MPDd4CHz1lbRvcGggQUrijxTDDVz5mJwOdhmzoWA1RjrDynqdA==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame A66E 27 KB
7 KB 39ms
38ms Stylesheet
text/css 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-8.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:56:00 GMT
server: nginx
x-amz-cf-pop: HAM50-C1
etag: W/"27745-1617850560000"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: lKrn8EeFUBaTNnAdCbECaEPlfp6uEuilpjvp8gZ5jXGJK1licepK6w==
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires: Sat, 10 Apr 2021 00:53:10 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame A66E 242 KB
84 KB 17ms
17ms XHR
application/javascript 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/10.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-8.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:19:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:56:18 GMT
server: nginx
age: 138802
etag: W/"248272-1617850578000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: qpOwi-KnEvBcx_KwZ33oU2paavlY3rHB5Yy8DlyOqN1TdUGKt8xQVw==
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame A66E 19 KB
8 KB 16ms
15ms XHR
application/javascript 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/1.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-8.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:19:49 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:56:18 GMT
server: nginx
age: 138802
etag: W/"19413-1617850578000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 5ordSkxiRjiePh_YGq0lCqlUUVlp4b_yUnYABETUwvz5ewtLTFNcMg==
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame B0F7 5 KB
2 KB 290ms
96ms Document
text/html 34.198.105.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.105.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-105-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method: GET
:authority: prefmgr-cookie.truste-svc.net
:scheme: https
:path: /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 627 B
636 B 39ms
39ms XHR
application/json 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

2e578b8901bc4b1b3a6aca07e22e4c843356c51b37400ae8276d1396b3eb578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 277
x-xss-protection: 1; mode=block
x-amz-cf-id: 2pqZ9Pftay7fD8wHvxfXGuvhclLECzeZfpGYh3wW5qnFcmsBvwj0rA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 13 KB
4 KB 40ms
40ms XHR
application/json 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

aecdfb202cfb299b55a857255a27871a3009a9e16d849a08698f52916870d064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 4097
x-xss-protection: 1; mode=block
x-amz-cf-id: 069SlrMndaHbDSKmA2OYinZpuj2smEYutFBfh3TH7bWjyh6x3eC-YA==

GET
H2 200 get
consent.trustarc.com/ Frame A66E 3 KB
4 KB 7ms
7ms Image
image/png 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=trustarc-without-truste-logo-xs.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 10 Apr 2021 00:33:40 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: nginx
age: 1171
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 3312
x-amz-cf-id: n6cQUgbBcMGOSpVasUdCeEp54RLXrUeU7NvSd5k5khvA5Evk5PM81Q==
expires: Mon, 10 May 2021 00:33:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 33ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upnorthlive.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upnorthlive.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 167 KB
22 KB 97ms
97ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3698767973823009&correlator=1250710837300334&output=ldjh&impl=fifs&hxva=1&scor=3736958600952335&eid=31060550%2C31060770%2C21068111%2C44739387&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210410&iu_parts=4756%2CWPBN%2CWeb%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C300x250%2C1570x300%7C1570x30%7C970x250%7C970x90%2C1x1&prev_scp=pos%3D1%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3Dpremium%26video%3Dfalse%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=kw%3D%255Broot%255D%26path%3D%252F%26page%3Dhome&cookie_enabled=1&bc=31&abxe=1&lmt=1618015991&dt=1618015991908&dlt=1618015990784&idt=561&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=3681582998%2C1152490924%2C1662731371%2C2486512665%2C2271141650%2C671115772%2C661556255%2C3104663351%2C1825207828%2C3027385822%2C1237644005&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupnorthlive.com%2F%3F&ref=https%3A%2F%2Fupnorthlive.com.admin-eu.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=471698960.1618015991&ga_sid=1618015992&ga_hid=224697501&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

271f79f960e820927bf1c36a9e69fa9225aea2accc00db4c249ecd46cd80ccab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21561
x-xss-protection: 0
google-lineitem-id: 4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685114612,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234302876,138234256902,138234256548,138234256923,138234302939,138234302285,138234303008,138234256896,138234256524,138234255891,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 55ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 32ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://upnorthlive.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 53375
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js?31060770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5f53aff6d441c50735e4c5602ec1ac9542b11a80ee88c629c8362cf45b821b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6582
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 10 Apr 2021 00:53:12 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7608 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 10 Apr 2021 00:00:06 GMT
expires: Sun, 10 Apr 2022 00:00:06 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3186
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7608 14 KB
6 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 06:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 65788
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 09 Apr 2022 06:36:44 GMT

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/ Frame A66E 39 KB
13 KB 16ms
16ms XHR
application/javascript 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/4A62F2686478BAE800EFF19D5EB3C2E8/4.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-8.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: b0f77080bf5e1eab5dc36b6cb1bf723099b68ed7ca000f26bd6bcf7ae23765c4

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 10:19:51 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 02:56:18 GMT
server: nginx
age: 138801
etag: W/"39569-1617850578000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: OMOpA1tSL2tef-F54eXDTcO86j8Lxa7pTFWwZF3fJmw2OigXnlfc4A==
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame A66E 3 KB
3 KB 16ms
15ms Image
image/gif 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:19:50 GMT
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 02:56:00 GMT
server: nginx
age: 52403
etag: W/"2608-1617850560000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: 3rkGJXdeeD2VgxzynIq_vByTZp12qXCsQt7cVWNDSSeuWQBzC95hfg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 2 KB
1 KB 60ms
60ms XHR
application/json 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

537d6857eb313c9cc41ce5e1de997f18d9de59db295b4f269af05390d3d9cd87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 713
x-xss-protection: 1; mode=block
x-amz-cf-id: Ndcb9b5En5hxDZUtAkcfShw-v2GR6YjtDNMt_c3hPJ32C_dViLT58w==

GET
H2 200 get
consent.trustarc.com/ Frame A66E 21 KB
22 KB 7ms
6ms Image
image/svg+xml 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=SBG_logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 5c7356876ee608f5a196f1e886f6c01fce8fae3a9aa490992100d2e6e70cef4b

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 10 Apr 2021 00:17:38 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: nginx
age: 2134
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 21695
x-amz-cf-id: HytGowrTdqeqAIQBa0erI32BoGZ7EGTWIFMcPdDi1Nj9grarXdkD0g==
expires: Mon, 10 May 2021 00:17:38 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 6306 2 KB
1 KB 15ms
15ms Document
text/html 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http://sbgi.net/privacy-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /cookie_inneriframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://prefmgr-cookie.truste-svc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Thu, 08 Apr 2021 02:56:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 09 Apr 2021 10:19:50 GMT
etag: W/"2008-1617850560000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 78siRmTYUVH-BBWJxEqHrPNGsCUwduKnsver5GGqXU_11ubC_GEKMw==
age: 52403

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=3698767973823009&bg=!goGlgcXNAAY56aLOOek7ACkAdvg8WmQHHvBL23KcqAz7I4kfaUyxkFpX_mRJ5x0ysYTb3DsgpzN9aAIAAACHUgAAAA1oAQcKAFXQBgORNxfyy298Pb7MzDjtinC7Z7KL_gCWCewgGYYavQ6qTwmwLFOY9ksUyIq1a8-ec5G_xcaRJhToX5dfG0jKK-9ob9p05V_cnDjkhEwf-z1ikMFQmQHV7AoBUqG9BX35C5KnRoH4g7VwZ6ceDtWuUUpK531ELk_UzTzgNAZ-tDlgw6j3TGL8aa93agrL1gnde-ABIwBORxXLJ7HWx218QyCJGmeofq7pfYOzlMeMiR5CMRLBSBRJgwX1H2EOfi_nSdwHNbDErQ_BGsX4wuykaFSnqi9N9XstmgOMjDFBFscgFvlPTkB3ewRu02Esg_w6_w_u6k_YH_E8ZGIlr3IRqnFTqtA7f5Yu8Z0hzb6pC0ywDQ3w32fgrDNT0BGa94-i7yvKqj3oNJGCn8ax05vXJAvuEOrBTvoRIpxjp4EyzUGoX7ac9T5r-4HDGCXJOZagId_CgZegelzD4vnjCWqERQ3tATa8uQBbIFyzv_hfNlO_WixCv_BtlpwTSZtA8yEnKgg6Doebue0tzoEd1BFMzHV88SMeXPxG5caDF8IdgYBnnuw2wfgAUO2aVfpDdEa6mYDxBWraWDl18-SNn1i8TrhCRlL4d4mxJolg1mfE8TmOjqmr84MepfMHQ8AZI0p2HqmeVxtfPknc7MhMckFSRxBu5fx-bO2uIRy59UYgK7meyIzchPTnwmhUlqYXa8wvTJV9zMAMLjsB7ldtZieH11egpW7WZZaoaAa97w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A66E 460 KB
90 KB 94ms
94ms XHR
application/json 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

10406e8a8da92b579c175776734224be967af1ef702a321e07386dd9fbf616b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 4A62F2686478BAE800EFF19D5EB3C2E8
Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 91444
x-xss-protection: 1; mode=block
x-amz-cf-id: Ih37f1RV4Acww7YidqRzsjoLKtLNU0PamXvkJeU-JGmvBIUc1hvxtQ==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame A66E 2 KB
2 KB 16ms
16ms Image
image/gif 52.222.179.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.179.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-179-8.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?layout=gdpr&type=sinclair&site=sbgi.net&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:19:50 GMT
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 02:56:00 GMT
server: nginx
age: 52403
etag: W/"1737-1617850560000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: j-TiMpSMmKdnP-atYZyYKFD3TCFFp9BA6qJQNmh86O4YMqK0UQEx2w==

GET
H2 200 body_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/ 931 B
815 B 90ms
90ms Image
image/svg+xml 192.229.163.105
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D04) /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
sbgi-ssl-all: 0Min
age: 47535
x-cache: HIT
sbgi-fm-mb: NIE
content-length: 499
x-amz-id-2: In19PNTfHsBQjIJPfcLIazfJ7B3jy95zdO8AMQ63o5WnfRHWwniHaLYA7y5l1c0qRnughX6ZlZo=
sbgi-bypass-cache-cookie: SPA
sbgi-t2ag: MB
last-modified: Mon, 08 Feb 2021 18:25:14 GMT
server: ECS (nyb/1D04)
cache-control: max-age=3600
etag: "2ec2767a3bb93656fb9b75c893d7be75+gzip"
vary: Accept-Encoding
x-amz-meta-replication-status: FAILED
x-amz-request-id: VGREXYKETT5PXHNK
access-control-allow-origin: *
sbgi-security: StorylineApplication
x-amz-version-id: nQl5sRsEJEbheL_iOJ7wYUJYmVz__yDQ
x-amz-meta-version-id: qAnohPBcCxyocXuHNNF_62TLMlyHrvhl
accept-ranges: bytes
content-type: image/svg+xml
expires: Sat, 10 Apr 2021 01:53:12 GMT

GET
H2 200 spin_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/ 2 KB
802 B 91ms
90ms Image
image/svg+xml 192.229.163.105
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.105 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1F) /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
sbgi-ssl-all: 0Min
age: 47535
x-cache: HIT
sbgi-fm-mb: NIE
content-length: 568
x-amz-id-2: xU7Tb0GB0xy2IXv4wyf0xKqdQKwqV331ZrdqgRwghjQqR3PCfIlVR0rWRlkRaTtzd5tQQhU4Xg0=
sbgi-bypass-cache-cookie: SPA
sbgi-t2ag: MB
last-modified: Mon, 08 Feb 2021 18:25:15 GMT
server: ECS (nyb/1D1F)
cache-control: max-age=3600
etag: "8e0a35946bf39d10f46a1f1653366a0a+gzip"
vary: Accept-Encoding
x-amz-meta-replication-status: FAILED
x-amz-request-id: VGR6BYS6NSSBE20Q
access-control-allow-origin: *
sbgi-security: StorylineApplication
x-amz-version-id: L9ua6mJmNKU5KfZ4zE7wO9MNRc6jAUEg
x-amz-meta-version-id: 4vPru6ViciXxe4dOepcM1VHca3QQzOez
accept-ranges: bytes
content-type: image/svg+xml
expires: Sat, 10 Apr 2021 01:53:12 GMT

GET
H2

200

1-0 Show response
preferences-mgr.truste.com/token/816/ Frame 44C8
Redirect Chain

https://app.link/nai-optout?action_id=3&participant_id=816&rd=https://preferences-mgr.truste.com&nocache=0.4846240146080738
https://preferences-mgr.truste.com/token/816/1-0

550 B
783 B

17ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/816/1-0
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 117420691b3b16ce517a899de4b81d60830ae1e8e772fd4d5d1411f30892739e

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/816/1-0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Fri, 09 Apr 2021 06:02:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: ih9VsD8cmIjJgLjZSPKQGe5TRcCHE-0NoCrdWcW-ctTX03O1iZ-3Og==
age: 67859

Redirect headers

Content-Type: text/html; charset=utf-8
Content-Length: 140
Connection: keep-alive
Server: openresty
Date: Sat, 10 Apr 2021 00:53:12 GMT
X-Powered-By: Express
P3P: This is not a valid P3P header.
Location: https://preferences-mgr.truste.com/token/816/1-0
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: vEZlO0zx52DKYDS6CcjiESCMhk7K-z8q0cthgaxQhu-fxZFW-He8PA==

GET
H2

200

1-0 Show response
preferences-mgr.truste.com//token/766/ Frame 7ABF
Redirect Chain

https://beacon.lynx.cognitivlabs.com/daa/webchoices?action_id=3&participant_id=766&rd=https://preferences-mgr.truste.com/&nocache=0.41864297959787167
https://preferences-mgr.truste.com//token/766/1-0

550 B
783 B

16ms
15ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/766/1-0
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a848963d27e6a14c1bafd1821fe96b4e3e946aca4411e02530505d9f5036a884

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/766/1-0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Fri, 09 Apr 2021 05:51:52 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: rILkBcXuIquUdNYYtyNqAUDy4j3isp-Rc6wWiCtaW5W9ZFveBh3W3Q==
age: 68480

Redirect headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-length: 0
location: https://preferences-mgr.truste.com//token/766/1-0
server: Kestrel
p3p: policyref="https://cognitiv.ai/privacy-policy/"

GET
H2

200

0 Show response
preferences-mgr.truste.com/token/519/1/ Frame A90B
Redirect Chain

https://s.thebrighttag.com/api/privacy/3fLGmeU/nai?action_id=3&participant_id=519&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8145193791572358
https://preferences-mgr.truste.com/token/519/1/0

536 B
769 B

74ms
20ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/519/1/0
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/519/1/0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 536
date: Fri, 09 Apr 2021 01:59:58 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: rNyY7HUyTuk1zQHHPTohIhUJQPg1c751wHvkLmbymP3c76ZP1adjHA==
age: 82394

Redirect headers

Server: nginx
Date: Sat, 10 Apr 2021 00:53:12 GMT
Content-Length: 0
Connection: keep-alive
Location: https://preferences-mgr.truste.com/token/519/1/0
Set-Cookie: btpstkn=7gwJPu9x37vZ4gHzwn54OwAAAXi5RLvA;Version=0;Comment=;SameSite=None;Domain=.s.thebrighttag.com;Secure
X-BT-RequestId: 20673c00-9997-11eb-b516-0000ac150a10
P3P: CP=NOI DSP COR NID

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/ Frame E434
Redirect Chain

https://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&participant_id=716&rd=https://preferences-mgr.truste.com&nocache=0.11421449788949589
https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/

678 B
903 B

214ms
206ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 764144e9b05f681ff2922932c02c587f104171e5757d7869f9d8ea7d568fe7d4

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 678
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: i_juwU30m5gPDdcCQbmt6fMUtBjP7EIzA0JUhYZutvsrtEGLKvColg==

Redirect headers

cache-control: no-cache, no-store, max-age=0
content-length: 0
date: Sat, 10 Apr 2021 00:53:12 GMT
location: https://preferences-mgr.truste.com/token/716/1/AAAAEICgku_YOOTcwFZspu0-QINJyUx8Ln4zfLaF5VIWwZ3eavhu4SWAi7qeySSF0qPNtXhs/
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 50b45afbe310bec022df758d53089366
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 110
x-transaction: 0060fb59001bb4a2
x-xss-protection: 0

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/ Frame 0577
Redirect Chain

https://optout.33across.com/api/?action_id=3&participant_id=258&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.06538139145014288
https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/

566 B
791 B

142ms
141ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e95d15ad98d4be356d54b9f78d43fcd0c639c27d19293ce5b8f30c7ce1fb342e

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/258/1/58b42ace821f6b36/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 566
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: JJ8bMtKkZN70Kwa3fSsP10m39D8gVmRO2KYAYHmJpB6juikCnUZldA==

Redirect headers

date: Sat, 10 Apr 2021 00:53:12 GMT
server: Apache
x-powered-by: PHP/5.4.40
expires: Tue, 01 Jan 1980 1:00:00 GMT
last-modified: Sat, 10 Apr 2021 00:53:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
pragma: no-cache
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
set-cookie: 33x_nc_au=b83afeebf82be95b; path=/; SameSite=None; domain=33across.com; secure
location: https://preferences-mgr.truste.com/token/258/1/58b42ace821f6b36/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/ Frame 464E
Redirect Chain

https://optout.tynt.com/api/?action_id=3&participant_id=488&rd=https://preferences-mgr.truste.com&nocache=0.6576183614530995
https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/

566 B
791 B

205ms
205ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 983e7c47781c01a8459f139d3e578ba0ac947bf6c2940b4f97f546e12b5456e9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/488/1/58b42ace821f6b36/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 566
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: JFJSyQqhRDDXOR-7qT9OFQYqiU0i_cH3_8v-sUC_AeMKyiUDigUiAg==

Redirect headers

date: Sat, 10 Apr 2021 00:53:12 GMT
server: Apache
x-powered-by: PHP/5.4.40
expires: Tue, 01 Jan 1980 1:00:00 GMT
last-modified: Sat, 10 Apr 2021 00:53:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
pragma: no-cache
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
set-cookie: 33x_nc_au=b83afeebf82be95b; path=/; SameSite=None; domain=tynt.com; secure
location: https://preferences-mgr.truste.com/token/488/1/58b42ace821f6b36/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/ Frame DE3D
Redirect Chain

https://acuityplatform.com/Adserver/nai?action_id=3&participant_id=383&rd=https://preferences-mgr.truste.com&nocache=0.44836625930660445
https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/

554 B
778 B

231ms
229ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 0f9cc9b3cae7840738dd1595147e5cc5af31706d3d639c312685e0a3762498d0

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/383/1/xKWWkpwqrq/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: _yeivz1t08hZGxTXljGVqF-ib7rr_biaFaHc9xfWXfRSz1vgEE-3aA==

Redirect headers

P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Location: https://preferences-mgr.truste.com/token/383/1/xKWWkpwqrq/
Content-Length: 0
Date: Sat, 10 Apr 2021 00:53:12 GMT

GET
H2

200

adelphic Show response
preferences-mgr.truste.com/token/642/1/ Frame 6195
Redirect Chain

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.3188222102175231
https://preferences-mgr.truste.com/token/642/1/adelphic

550 B
774 B

16ms
15ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/642/1/adelphic
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/642/1/adelphic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Fri, 09 Apr 2021 01:43:50 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: oOcW9BUrN5INiJkGhG4hLYKw9FSJwqF2QtS-7jtZLvarheUgoYA4hQ==
age: 83363

Redirect headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/642/1/adelphic
server: Apache-Coyote/1.1
p3p: CP="NOI PSA OUR"

GET
H2

200

1 Show response
preferences-mgr.truste.com/token/768/ Frame A496
Redirect Chain

https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.6205378461417315
https://preferences-mgr.truste.com/token/768/1

546 B
779 B

16ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/768/1
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/768/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 04:41:50 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: XiqvvFtliqGVkuRDh5szD2_AH1axV_LEYQdmVHj35jV83N0mG_LvEg==
age: 72683

Redirect headers

X-Powered-By: Express
Access-Control-Allow-Origin: *
Vary: Origin, Accept, Accept-Encoding
Location: https://preferences-mgr.truste.com/token/768/1
Content-Type: text/html; charset=utf-8
Content-Length: 136
Date: Sat, 10 Apr 2021 00:53:13 GMT

GET
H/1.1

200
OK

master-opt-out Show response
ad.amgdgt.com/ads/ Frame 989E
Redirect Chain

https://ad.amgdgt.com/ads/nai-coop-opt-out?action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405

2 KB
2 KB

88ms
88ms

Document
text/html

52.206.115.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e0c6b301f5981bd273ccd5790d6052d17b4d1f7e4cae2e8f64ec2a8f87b87ea3

Request headers

Host: ad.amgdgt.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://consent-pref.trustarc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

Cache-Control: no-cache, no-store
Content-Type: text/html
Date: Sat, 10 Apr 2021 00:53:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: Apache-Coyote/1.1
Content-Length: 1697
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store
Date: Sat, 10 Apr 2021 00:53:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: Apache-Coyote/1.1
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/713/1-2/ Frame 4520
Redirect Chain

https://r.turn.com/r/optout?action_id=3&participant_id=713&rd=https://preferences-mgr.truste.com&nocache=0.2909998417829094
https://preferences-mgr.truste.com/token/713/1-2/

550 B
783 B

65ms
18ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/713/1-2/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/713/1-2/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Fri, 09 Apr 2021 08:30:04 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: yuNEWspm583nGPak1Y7giCPGhc-T6_MLGd9O1c1jWNjBa9fX8-KExA==
age: 58988

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
location: https://preferences-mgr.truste.com/token/713/1-2/
content-length: 0
date: Sat, 10 Apr 2021 00:53:12 GMT

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/559/1-0/153050528/ Frame 5BF3
Redirect Chain

https://apolloprogram.io/optout?action_id=3&participant_id=559&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.28212396017279096
https://preferences-mgr.truste.com/token/559/1-0/153050528/

556 B
782 B

207ms
207ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/559/1-0/153050528/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 7d67c5c27921c0861baa3d791ae92cead36ca1e13abcf0e2e0ebe9bb37499953

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/559/1-0/153050528/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: 3zv3Z6EXSc681gnOYf1hw8ESF74Dgwdx89xJpUgxgTLUngNpZAVZkg==

Redirect headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-type: text/html; charset=utf-8
content-length: 162
location: https://preferences-mgr.truste.com/token/559/1-0/153050528/
x-powered-by: Express
set-cookie: atid=153050528; Domain=.apolloprogram.io; Path=/; Expires=Sat, 10 Apr 2021 01:09:12 GMT; HttpOnly; Secure; SameSite=None
vary: Accept

GET
H2

200

0b9490d1f38e Show response
preferences-mgr.truste.com/token/574/1/ Frame 931A
Redirect Chain

https://optout.prod.bidr.io/optout?action_id=3&participant_id=574&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.4873849742633807
https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e

558 B
782 B

18ms
18ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 7f0e8cd2feb2035c7f3fd212db34ce1919e1b0d9df0a258e2b4b084ad040b312

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/574/1/0b9490d1f38e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Fri, 09 Apr 2021 14:15:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: GOYi79g7n6V50EewHaZHxzhlrx1qsjedSA3okKjZIlpiyilMlGyujQ==
age: 38233

Redirect headers

content-type: text/plain
Date: Sat, 10 Apr 2021 00:53:12 GMT
location: https://preferences-mgr.truste.com/token/574/1/0b9490d1f38e
p3p: We do not support P3P; our privacy policy is at https://www.beeswax.com/privacy.html
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 15
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/ Frame 89AE
Redirect Chain

https://ml314.com/daaoptout.ashx?action_id=3&participant_id=718&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9929598322169366
https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/

574 B
808 B

21ms
20ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/718/1/dG9rZW4tYm9tYm9yYQ==/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 574
date: Fri, 09 Apr 2021 06:02:13 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: vogvWNC3wjchCDbSVqIkMw7JRdJRQs6-JZF6qUPEAzw6aPPaifx88g==
age: 67859

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Apr 2021 00:53:11 GMT
Expires: 0
Location: https://preferences-mgr.truste.com/token/718/1/dG9rZW4tYm9tYm9yYQ==/
P3P: CP="ALL DSP COR NID"
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 185
Connection: keep-alive

GET
H2

200

253614 Show response
preferences-mgr.truste.com//token/392/1/ Frame 1F0B
Redirect Chain

https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.5501910891399684
https://preferences-mgr.truste.com//token/392/1/253614

546 B
771 B

16ms
15ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/392/1/253614
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/392/1/253614
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 08:25:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: kY7v6sivYNNxfMPSJFYDQA0uWw4Ol7HMoYhSbjeHVongxCKgLdOQhQ==
age: 59234

Redirect headers

Date: Sat, 10 Apr 2021 00:53:12 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
X-Powered-By: PHP/5.4.16
Location: https://preferences-mgr.truste.com//token/392/1/253614
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/762/1-0/ Frame C336
Redirect Chain

https://segments.company-target.com/dnt?action_id=3&participant_id=762&rd=https://preferences-mgr.truste.com&nocache=0.3638758641323159
https://preferences-mgr.truste.com/token/762/1-0/

550 B
783 B

16ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/762/1-0/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/762/1-0/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Fri, 09 Apr 2021 05:16:32 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: gFdJN9UcbcZnSgoy0513wp4rgx_fjb_MhLSQwiE0IjOPXiPWn6Rw6w==
age: 70600

Redirect headers

Content-Length: 0
Connection: keep-alive
Date: Sat, 10 Apr 2021 00:53:12 GMT
trace-id: 833dfcd0beeb6d0f
Vary: Origin
Location: https://preferences-mgr.truste.com/token/762/1-0/
X-Cache: Miss from cloudfront
Via: 1.1 c0093508e95ee3f9ebe60485284279c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC51-C1
X-Amz-Cf-Id: nr2mtrAnYzfmK3HFbNHerfuaxfBVm7VBcn4YWjlTP4-kgcxtFdoDqw==

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/813/1/0/ Frame 331A
Redirect Chain

https://privacy.eyereturn.com/coop?action_id=3&participant_id=813&rd=https://preferences-mgr.truste.com/&nocache=0.19510148468161792
https://preferences-mgr.truste.com//token/813/1/0/

546 B
771 B

22ms
15ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/813/1/0/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 32e7839121081d59bd1d0d07a78011d28774c8d51facb5b29ce37d2d7554bebc

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/813/1/0/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 03:14:51 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: TR64HuLDV7W9_TBIkCxsfwSUad05l4E8VAKr1PKrNpR-WvuvOf3bxw==
age: 77901

Redirect headers

access-control-allow-headers: Origin
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 73
content-type: text/html; charset=utf-8
date: Sat, 10 Apr 2021 00:53:12 GMT
expires: 0
location: https://preferences-mgr.truste.com//token/813/1/0/
pragma: no-cache
server: EROO 1.0.1
via: 1.1 google
alt-svc: clear

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/ Frame 24E3
Redirect Chain

https://googleads.g.doubleclick.net/ads/preferences/naioptout?action_id=3&participant_id=804&rd=https://preferences-mgr.truste.com&nocache=0.3706910843929323
https://adssettings.google.com/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8R...
https://adssettings.google.de/ext/nai/settoken?participant_id=804&rd=https://preferences-mgr.truste.com&token=AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3&aboutads_sess=ACi0TCgzuve7mbGA8_B-xCi-B8RH...
https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/

622 B
847 B

117ms
117ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: aa7555acbd8369c3dce4727adcbe24260c9dc454062ee54de0caca399a923275

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 622
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: hmJcMeP77nnIn3pBOSQWoy70KnC2xYLXzicoACImpwZtBeXvRwG1Lw==

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Apr 2021 00:53:12 GMT
location: https://preferences-mgr.truste.com/token/804/1/AFT-j8gAAAAAYHD-AOCZS2t7yOkuILNUyiwcOCknsWL3/
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-TExg5Ypox+msLXDncSPMBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AdsSettingsUi/cspreport;worker-src 'self' script-src 'nonce-TExg5Ypox+msLXDncSPMBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/AdsSettingsUi/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: aboutads_sess997262221=ACi0TCgzuve7mbGA8_B-xCi-B8RHMMBDGKwdsXLc2WRRFA4-BWRWFvCJiMU1odRc5aDoZ9Y9isoF; Path=/ext/nai/; Secure; HttpOnly; SameSite=none NID=213=IE4TKaMF2sF1nzkIm-1zOxcbr8OLtNqnVVOqrgi4P03riYEaL2s6j5gPOm6bJeCw88Hlt4iDpwUnI7DUV_tQFmtQzBcZMRFfHvxOmZ4YSMO7Lfl-HDYjnbMZT51MH2fw6N9JwkNIRGON-8A1PiKzZTW9rzhiOqH5IFVKW3GScE8; expires=Sun, 10-Oct-2021 00:53:12 GMT; path=/; domain=.google.de; Secure; HttpOnly; SameSite=none CONSENT=PENDING+010; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.de
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/ Frame 53AA
Redirect Chain

https://ad.wsod.com/coop_api/?action_id=3&participant_id=407&rd=https://preferences-mgr.truste.com/&nocache=0.6212910339735191
https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

546 B
780 B

16ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/407/1/c452458f4e50cdf9c8a1338016a6289d/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 07:13:11 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: 5XQwkmQxYhuU1j0KAHsOGI5vxDj8yWsfzNPvf0_PzjugPKqeOh_xRA==
age: 63601

Redirect headers

Server: nginx
Date: Sat, 10 Apr 2021 00:53:13 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: ub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
Location: https://preferences-mgr.truste.com//token/407/1/c452458f4e50cdf9c8a1338016a6289d/

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/ Frame 0E5E
Redirect Chain

https://partner.knorex.com/oba/api/aboutads?action_id=3&participant_id=641&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6506654505994021
https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/

606 B
831 B

116ms
116ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: bc564ae75ba1345b7bb82cc602475bc3c120e4fa797d04259fdc88de4e8de8e9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: amMd42RH5Frza2zKTyMbUKlNH9-95MpHsbvaZePGMoNavvPMr-Jipw==

Redirect headers

date: Sat, 10 Apr 2021 00:53:13 GMT
location: https://preferences-mgr.truste.com/token/641/1/a5a11da8-73c7-44af-9dda-b51d94a0d5d8/
server: nginx/1.19.9
p3p: CP="This is not a P3P policy!"
set-cookie: vertx-web.session=a5a11da8-73c7-44af-9dda-b51d94a0d5d8; Path=/ vertx-web.session=a5a11da8-73c7-44af-9dda-b51d94a0d5d8; Path=/
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/454/1/E96XQIOVFD/ Frame 2EE5
Redirect Chain

https://oba.media.net/nai.php?action_id=3&participant_id=454&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.8208618069712379
https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/

554 B
779 B

117ms
116ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 0cd2d67b020f039e7f25bb2f9af1442a4ee8911166599074e7bce94dbcef5735

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/454/1/E96XQIOVFD/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: G6yPeAhyao5_CNe73IpPv9UMh6PF6eqDYMlU75T3PU1EjEfifmFU7g==

Redirect headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Server: Apache
Strict-Transport-Security: max-age=3600;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Set-Cookie: token=E96XQIOVFD; path=/; domain=.media.net; secure; SameSite=None
Location: https://preferences-mgr.truste.com/token/454/1/E96XQIOVFD/
Content-Length: 0
Keep-Alive: timeout=2, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set nai.php Show response
www.mathtag.com/ Frame C604 281 B
786 B 293ms
92ms Document
text/html 74.121.140.207
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.140.207 Reston, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f4c27880df39d1259644af70d534ca29ec1d19a7c3dbcc4c9764897507a2778

Request headers

Host: www.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://consent-pref.trustarc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

Server: nginx
Date: Sat, 10 Apr 2021 00:57:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 238
Connection: keep-alive
Keep-Alive: timeout=360
Referrer-Policy: no-referrer-when-downgrade
Set-Cookie: PHPSESSID=fb0rnm5g5tn05v7grfm9umd5o6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/755/3/ Frame 4C6C
Redirect Chain

https://jadserve.postrelease.com/naioptout?action_id=3&participant_id=755&rd=https://preferences-mgr.truste.com&nocache=0.6300195753410418
https://preferences-mgr.truste.com/token/755/3/

546 B
779 B

16ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/755/3/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/755/3/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 05:17:05 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: iKezufWUpgPtD8ZYMqvlZFcpJgDdxfItM3R7TniueZlK1BiiWw7NdQ==
age: 70568

Redirect headers

date: Sat, 10 Apr 2021 00:53:13 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/755/3/
server: nginx/1.12.1
expires: Mon, 1 Jan 1990 12:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: opt_out=1; Domain=.postrelease.com; Expires=Fri, 10-Apr-2026 00:53:13 GMT; Path=/; Secure; SameSite=None;

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/765/1/1618015992/ Frame 63CF
Redirect Chain

https://u.openx.net/privacy/daa?action_id=3&participant_id=765&rd=https://preferences-mgr.truste.com&nocache=0.544747758019497
https://preferences-mgr.truste.com/token/765/1/1618015992/

554 B
779 B

177ms
117ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/765/1/1618015992/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 7515ae2c781acc2c7c66d80e897451ad0c9ce8c44397b1892c4e02fc53f3d290

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/765/1/1618015992/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: TCW7f2uj_fIEKkun0389iRhQXcCyaemBxt8p4NZ7v3W7zNlgPIK2mw==

Redirect headers

server: OXGW/16.205.50
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://preferences-mgr.truste.com/token/765/1/1618015992/
date: Sat, 10 Apr 2021 00:53:12 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set optout.jsp Show response
apps.pubmatic.com/ Frame 3390 788 B
1 KB 655ms
162ms Document
text/html 104.36.113.45
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.00998808848613808
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.45 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027

Request headers

Host: apps.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://consent-pref.trustarc.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: route=95297fe76a241cd1103f74c315c9ed87; Max-Age=86400; Path=/; HttpOnly JSESSIONID=3DF8F0A45B5D631AED3C74B4BC57FEEE; Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST
Access-Control-Allow-Headers: X-Forwarded-For, X-app123-XPTO
Content-Encoding: gzip

GET
H2

200

kZS0eEwh9qiD Show response
preferences-mgr.truste.com/token/422/1/ Frame 5305
Redirect Chain

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.15411385081511653
https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD

558 B
783 B

206ms
205ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a177e8ff280682c069e01489261f08a331fcc9f64984afbaa718c8ced5a05c39

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/422/1/kZS0eEwh9qiD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: zxFpmnnoPo_dBguv9KqJVMUSxlS88kwBhWcGA5hpOZ1nthVbb8ue9Q==

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://preferences-mgr.truste.com/token/422/1/kZS0eEwh9qiD
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=ee8068e5fdb385fa; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/ Frame 6936
Redirect Chain

https://pixel.quantserve.com/optout?action_id=3&participant_id=806&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6304568669858734
https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/

588 B
813 B

270ms
206ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 6c027717a0ba438f610ea737761a64fb46156625f9f4f556d625818b4465fdc9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/806/1-0/O020392429351618015992768/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 588
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: pob75tZo2tGIEVLSEk8G0l62jIVZdBNX5spFfluE3D-FvWK6L8WpOA==

Redirect headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://preferences-mgr.truste.com/token/806/1-0/O020392429351618015992768/
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

b5962ba7-e3c8-4b51-87f8-2abb250e00cf Show response
preferences-mgr.truste.com/token/758/1-0/ Frame C18C
Redirect Chain

https://optout.mediaforge.com/nai/mediaforge/optout?action_id=3&participant_id=758&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7220065886007279
https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf

610 B
835 B

233ms
208ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a0ad02cbe5da6bc9aeed110115df7118987aca4f140364be57203c0dcf5d5430

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 610
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: 08FM5t6X-3a4BPJv-NAjuvk7u8UJQuzPJknG8MVbirufDepAHrrfiw==

Redirect headers

p3p: CP="This is not a P3P policy! See http://marketing.rakuten.com/faq-privacy-policy-changes for more info."
x-robots-tag: noindex, nofollow
expires: Tue, 01 Jan 2001 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
set-cookie: mf_token=b5962ba7-e3c8-4b51-87f8-2abb250e00cf; Domain=mediaforge.com; Path=/; Secure; SameSite=None
location: https://preferences-mgr.truste.com/token/758/1-0/b5962ba7-e3c8-4b51-87f8-2abb250e00cf
content-language: en-US
content-length: 0
date: Sat, 10 Apr 2021 00:53:12 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

0 Show response
preferences-mgr.truste.com//token/497/1-0/ Frame 2D38
Redirect Chain

https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.7375084932384992
https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.7375084932384992&_rlid=258e9fa9-3549-47c2-9e5b-7d393bf33b3b
https://preferences-mgr.truste.com//token/497/1-0/0

550 B
774 B

16ms
15ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/497/1-0/0
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 06f4208938b42b9634fe6311c817d44aa7dcf2cbbe27c522cfa897ede47c4348

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/497/1-0/0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Fri, 09 Apr 2021 07:24:40 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: 4D_rtqUZ0ifCneyH4mrGEROeJNOXMScjQXenaijWZrGnJRLOD55L0g==
age: 62913

Redirect headers

date: Sat, 10 Apr 2021 00:53:13 GMT
content-type: application/javascript
set-cookie: __cfduid=d89e5b367989159aa23358bd5df1e37251618015992; expires=Mon, 10-May-21 00:53:12 GMT; path=/; domain=.retargetly.com; HttpOnly; SameSite=Lax _rlsnc=0; domain=.retargetly.com; path=/; expires=Sat, 10 Apr 2021 00:53:13 GMT; SameSite=None; Secure
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
pragma: no-cache
expires: 0
location: https://preferences-mgr.truste.com//token/497/1-0/0
cf-cache-status: DYNAMIC
cf-request-id: 095addd43700001f19923e4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63d7ff3388e01f19-FRA

GET
H2

200

909786677 Show response
preferences-mgr.truste.com/token/831/1-1/ Frame 97B2
Redirect Chain

https://i.w55c.net/optout/nai?action_id=3&participant_id=831&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.31802074119693
https://preferences-mgr.truste.com/token/831/1-1/909786677

556 B
781 B

262ms
207ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/831/1-1/909786677
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 908d86d005c71e17e784289ce0fcb55196fdb3be56f89dc3732debed159d9a5b

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/831/1-1/909786677
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: 7Kv_vpChj-Ap0QIla0YWmI56SmHBMnwSqaXPmFA9RlI87HH-iiYu8Q==

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=utf-8
Date: Sat, 10 Apr 2021 00:53:12 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://preferences-mgr.truste.com/token/831/1-1/909786677
P3P: policyref="http://w55c.net/w3c/p3p.xml", CP="DSP NOI COR"
Pragma: no-cache
Server: PixelTracking/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Length: 0
Connection: keep-alive

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/835/1/42/ Frame 1F9A
Redirect Chain

https://nai.sharethis.com/?action_id=3&participant_id=835&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.9107635042222395
https://preferences-mgr.truste.com/token/835/1/42/

538 B
764 B

20ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/835/1/42/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 3975ae177459f79bf5425cf9922417e008d8e1e9238cb2fd4a79598c8d312d2b

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/835/1/42/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 538
date: Fri, 09 Apr 2021 05:29:51 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: sOSHAYYOMIhp00UW5wRYW_kk_jMv95WTVqQChPHFf7k9qvTZCvQYtw==
age: 69801

Redirect headers

Content-Length: 0
Connection: keep-alive
Server: CloudFront
Date: Sat, 10 Apr 2021 00:53:12 GMT
P3P: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
Location: https://preferences-mgr.truste.com/token/835/1/42/
X-Cache: LambdaGeneratedResponse from cloudfront
Via: 1.1 c25a7e7126dfc9a3b0a377e34949f435.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: ZFrXMLYjPOjR2kc_7y2RP95G3GrqiBupauxLJKsFOQQeD1UYie8tkw==

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/729/1/dummy_token/ Frame 95F3
Redirect Chain

https://oo.rfihub.com/nai.gif?action_id=3&participant_id=729&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.7469728027786195
https://preferences-mgr.truste.com/token/729/1/dummy_token/

556 B
780 B

49ms
20ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/729/1/dummy_token/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 136a6b973440649afe68d466601288842badcc28af82900d4a276fc0a8f4739c

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/729/1/dummy_token/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 556
date: Fri, 09 Apr 2021 08:54:14 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: PViU-iRk7wgLWxO3Xh6TQK2Mz9dRM-hHp1l15itCWIELP8_KeY9cPA==
age: 57538

Redirect headers

Date: Sat, 10 Apr 2021 00:53:12 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://preferences-mgr.truste.com/token/729/1/dummy_token/
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

XloPuglJuvKJvbmS Show response
preferences-mgr.truste.com/token/604/1/ Frame 2FDA
Redirect Chain

https://pixel.sojern.com/optout/do?action_id=3&participant_id=604&rd=https://preferences-mgr.truste.com&nocache=0.16242486217168906
https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS

566 B
791 B

258ms
209ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: eef07791a4f3f6d6fd9d45496f4f92e048b285f6fa1a062bf6fbb4d98feb76a9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/604/1/XloPuglJuvKJvbmS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 566
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: l7oSGJO6QwH8CjREVl9MpD44nhR9j1Jah7f9Nq1ry7BAzT3rcGGOag==

Redirect headers

content-type: text/html; charset=utf-8
location: https://preferences-mgr.truste.com/token/604/1/XloPuglJuvKJvbmS
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
vary: Accept-Encoding
date: Sat, 10 Apr 2021 00:53:12 GMT
content-length: 99
via: 1.1 google
alt-svc: clear

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/742/1/ Frame 8BF1
Redirect Chain

https://ap.lijit.com/cookie_opt_out?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com&nocache=0.6236276668704173
https://ap.lijit.com/check_optout_cookie?action_id=3&participant_id=742&rd=https://preferences-mgr.truste.com
https://preferences-mgr.truste.com/token/742/1/

546 B
779 B

20ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/742/1/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/742/1/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 04:39:30 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: c04RlajkLAtn6l6NXvjCCxQB--GLT6ky0ecAyQTJOZCVNFhaX61VmA==
age: 72822

Redirect headers

Server: nginx
Date: Sat, 10 Apr 2021 00:53:12 GMT
Content-Length: 0
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://preferences-mgr.truste.com/token/742/1/
X-Powered-By: raptor-daa
X-Sovrn-Pod: ad_ap2ams1

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/ Frame 5E89
Redirect Chain

https://optout.steelhousemedia.com/nai?action_id=3&participant_id=375&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.11865885943287324
https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/

606 B
839 B

25ms
25ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 5a49b9b20ad53280f362f2003a487fe07a4b2511087fe910af63d93de39ea3af

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Fri, 09 Apr 2021 17:01:51 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: BTLsLtuctLjSu-Wu0Fh1h6s4nSIdQa83ARvnzwvMzGB_smVv_YqBvg==
age: 28282

Redirect headers

content-type: text/html;charset=UTF-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
location: https://preferences-mgr.truste.com/token/375/1/44ca856c-81cf-3854-8aab-9738a11eadc3/
content-length: 0
x-envoy-upstream-service-time: 1
date: Sat, 10 Apr 2021 00:53:13 GMT
server: istio-envoy
connection: close

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/ Frame 85C1
Redirect Chain

https://privacy.tapad.com/daa-coop?action_id=3&participant_id=428&rd=https://preferences-mgr.truste.com&nocache=0.87285952209917
https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/

606 B
831 B

205ms
204ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: c248492a5b3a9413082160d736e93d2d3b91e6835e98bf55936aaea3f7790d36

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: GBWLtbUW56GGoE3GDsxBnrRVGkCNcBdcmW2YYNj86y1ATtx8j_I89Q==

Redirect headers

location: https://preferences-mgr.truste.com/token/428/1/4a468fed-d6fa-4f75-a6fb-7497f9da8487/
strict-transport-security: max-age=31536000
content-length: 0
date: Sat, 10 Apr 2021 00:53:12 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

o8stHZzkEz Show response
preferences-mgr.truste.com/token/366/1-0/ Frame 0D96
Redirect Chain

https://pixel.rubiconproject.com/oba/optout/?action_id=3&participant_id=366&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.3363509881467939
https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz

558 B
783 B

251ms
208ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: edcd3d43899d89d9a4acf9a6ec0877fc33af669a692c1861220a9b5c4b681b95

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/366/1-0/o8stHZzkEz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Sat, 10 Apr 2021 00:53:12 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: Yk3Bl-VLol5wWgATerf7apheLCqwoyR6DDLIFZ8908Q7YoikGsHS8g==

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Location: https://preferences-mgr.truste.com/token/366/1-0/o8stHZzkEz
content-length: 0
set-cookie: o8stHZzkEz=1; Max-Age=3600; Expires=Sat, 10 Apr 2021 01:53:12 GMT; Path=/; Domain=.rubiconproject.com; Secure; SameSite=None

GET
H2

200

rbti Show response
preferences-mgr.truste.com/token/770/1-0/ Frame F6D9
Redirect Chain

https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.37617324718308165
https://preferences-mgr.truste.com/token/770/1-0/rbti

546 B
772 B

117ms
117ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/770/1-0/rbti
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 355547042271a8468f9fce8d27b789371baf3dba83ce22c12dd39059c20326be

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/770/1-0/rbti
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: uRQzuLPJwLe9my-cUNjtLIrSHkzyS3CclfYZHD9USArog9EUhdFA-A==

Redirect headers

date: Sat, 10 Apr 2021 00:53:13 GMT
content-type: text/html; charset=utf-8
content-length: 76
location: https://preferences-mgr.truste.com/token/770/1-0/rbti
p3p: CP="NOI OUR BUS UNI COM NAV"
strict-transport-security: max-age=63072000; includeSubDomains
server

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/ Frame B40F
Redirect Chain

https://optout-service.unrulymedia.com/opt-out?action_id=3&participant_id=783&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.6600020666555269
https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/

606 B
839 B

16ms
16ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: cfa76b1c4ea631c14e2bd76a3061da97e0954a6bde16f6e772bace1261f28eb7

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 606
date: Fri, 09 Apr 2021 17:22:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: OecDKD5YNklEQEp_2JKceAnL8ixr1w2RZ864Osp2YVIZI-GYH9gk3g==
age: 27014

Redirect headers

date: Sat, 10 Apr 2021 00:53:13 GMT
location: https://preferences-mgr.truste.com/token/783/1/ea43a90e-681b-48fe-8409-13cdc4624864/
server: nginx/1.19.6
vary: Accept-Encoding
content-length: 0

GET

daastatus.ashx
optout.mxptint.net/ Frame B95B
Redirect Chain

https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.35124559906811004
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

0
0

GET
H2

200

csrf Show response
preferences-mgr.truste.com/token/747/1-0/ Frame 857B
Redirect Chain

https://optout.bigsea.weborama.com/optout?action_id=3&participant_id=747&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0033268862255300125
https://preferences-mgr.truste.com/token/747/1-0/csrf

546 B
770 B

16ms
15ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/747/1-0/csrf
Requested by: Host: upnorthlive.com.admin-eu.cas.ms
URL: https://upnorthlive.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/747/1-0/csrf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Fri, 09 Apr 2021 02:23:40 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: mVHmnrMcVPn-68g3IWKYjH0GqzF6bSrGDsk7cUfBUobKVotcMcgtvQ==
age: 80972

Redirect headers

Date: Sat, 10 Apr 2021 00:53:12 GMT
Location: https://preferences-mgr.truste.com/token/747/1-0/csrf
P3P: CP="This is not a valid P3P header"
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK optout.aspx
server.cpmstar.com/ Frame A66E 0
0 431ms
105ms Image
text/html 23.235.251.211
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.cpmstar.com/optout.aspx?action=opt_out?test=1&nocache=0.1791948895700659
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

targetingCookieInformation.action
publisher.tradedoubler.com/public/ Frame A66E
Redirect Chain

https://publisher.tradedoubler.com/public/setBlockTargetingCookie.action?nocache=0.33375387040545257
https://publisher.tradedoubler.com/public/targetingCookieInformation.action

0
0

38ms
38ms

Image
text/html

82.196.187.199
ASN-SYSTEAM EVRY ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publisher.tradedoubler.com/public/targetingCookieInformation.action
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.196.187.199 Sundbyberg, Sweden, ASN25473 (ASN-SYSTEAM EVRY Cloud Services, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Sat, 10 Apr 2021 00:53:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Location: https://publisher.tradedoubler.com/public/targetingCookieInformation.action
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 20

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 45ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 11 Apr 2021 00:53:12 GMT

GET
H2 200 get
consent.trustarc.com/ Frame A66E 3 KB
4 KB 7ms
6ms Image
image/png 13.225.74.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=trustarc-without-truste-logo-xs.png
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/4A62F2686478BAE800EFF19D5EB3C2E8.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-23.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 10 Apr 2021 00:33:40 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: nginx
age: 1172
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 3312
x-amz-cf-id: mwieBokBmcfoIUfjIwYjNvbEmaGNA1_Ev-KPvtYLQ5WBXQmkUBLjbQ==
expires: Mon, 10 May 2021 00:33:40 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 24C5 0
150 B 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=upnorthlive.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=upnorthlive.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1901
date: Sat, 10 Apr 2021 00:53:12 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 40ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 11 Apr 2021 00:53:12 GMT

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/ Frame C604
Redirect Chain

https://pixel.mathtag.com/event/img?mt_id=888&mt_nsync&mm_bnc&redir=https%3A%2F%2Fpreferences-mgr.truste.com%2Ftoken%2F807%2F%5BNAI_OPTOUT%5D-1%2Ffb0rnm5g5tn05v7grfm9umd5o6%2F
https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/

590 B
815 B

206ms
206ms

Document
text/html

54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Requested by: Host: www.mathtag.com
URL: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: bd277ad6d60a7fe60598511497812870cc04813dd27687a719643b11aa0746e1

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.mathtag.com/nai.php?action_id=3&participant_id=807&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.2992817425046965

Response headers

content-length: 590
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: YyV6Jxx_xCZSwMsHb-0H2qc2P_7L4MLYxqlCte1AD-afLVWfpoTx5A==

Redirect headers

Content-Type: image/gif
Content-Length: 0
Server: MT3 3660 495c301 master cdg-pixel-x29
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com/token/807/1-1/fb0rnm5g5tn05v7grfm9umd5o6/
Expires: Sat, 10 Apr 2021 00:54:10 GMT
Date: Sat, 10 Apr 2021 00:53:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
ad.amgdgt.com/ads/js/ Frame 989E 94 KB
94 KB 176ms
175ms Script
application/javascript 52.206.115.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery-1.11.1.min.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:12 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 95786
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.cookie.js Show response
ad.amgdgt.com/ads/js/ Frame 989E 3 KB
3 KB 262ms
88ms Script
application/javascript 52.206.115.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/jquery.cookie.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 3128
Content-Type: application/javascript

GET
H/1.1 200
OK optout.js Show response
ad.amgdgt.com/ads/js/ Frame 989E 22 KB
22 KB 348ms
175ms Script
application/javascript 52.206.115.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.amgdgt.com/ads/js/optout.js
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.115.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2

Request headers

Referer: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Last-Modified: Wed, 30 Jan 2019 10:48:44 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 22414
Content-Type: application/javascript

GET
H/1.1 200
OK optout.js Show response
cdn.pubmatic.com/mgmt/javascripts/ Frame 3390 9 KB
4 KB 26ms
11ms Script
text/javascript 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pubmatic.com/mgmt/javascripts/optout.js

Requested by

Host: apps.pubmatic.com
URL: https://apps.pubmatic.com/optout.jsp?action_id=3&participant_id=420&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.00998808848613808

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-200.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.pubmatic.com

Request headers

Referer: https://apps.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://*.pubmatic.com
Content-Encoding: gzip
Last-Modified: Tue, 16 Mar 2021 06:37:07 GMT
Server: Apache
ETag: "7e0375-257c-5bda1986790ba"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=172800
Date: Sat, 10 Apr 2021 00:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 3858
Expires: Sat, 10 Apr 2021 11:15:44 GMT

GET
H2 200 / Show response
preferences-mgr.truste.com/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/ Frame 3390 606 B
831 B 116ms
116ms Document
text/html 54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/
Requested by: Host: cdn.pubmatic.com
URL: https://cdn.pubmatic.com/mgmt/javascripts/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 5fdfd6687de487f1d905e9027e96976d8e64f372760701170354d763cabbfd79

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/420/1/xETh2Cbamm36rgbcE9Z2cVWmSK7jGAh2gab6/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://apps.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://apps.pubmatic.com/

Response headers

content-length: 606
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: RF6jwzez7y9XuiiwIlUeH4w4WYwmjEOcuSN0imUUu2jebw1YNDBpMQ==

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 989E
Redirect Chain

https://ad.amgdgt.com/ads/opt-out?op=check&src=MST&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D-419943423911395328%26pf%3Damg%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=-419943423911395328&pf=amg&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
401 B

14ms
14ms

Image
image/gif

2600:9000:2070:3000:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:3000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 02:48:28 GMT
via: 1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 857085
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 43
x-amz-cf-id: kGG3OjW40jrgYX__QQPX7RSiOkxOSxaup1wy6RPeTHbXFOU3JPtNcA==
expires: Fri, 30 Apr 2021 02:48:28 GMT

Redirect headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 989E
Redirect Chain

https://r.turn.com/r/optout?src=amobee&type=status&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D5534732271616%26pf%3Dturn%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=5534732271616&pf=turn&st=t
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
401 B

77ms
15ms

Image
image/gif

2600:9000:2070:3000:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:3000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 02:48:28 GMT
via: 1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 857085
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 43
x-amz-cf-id: C_4y7I2OoyvlR7LpwYtgpIJjlD9PDy90L973rEStLCCzPZvrH4rqpQ==
expires: Fri, 30 Apr 2021 02:48:28 GMT

Redirect headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

transparent.gif
cdn.amgdgt.com/base/pixels/ Frame 989E
Redirect Chain

https://ingest.tidaltv.com/opt-out?op=givethestatus&r=https%3A%2F%2Fad.amgdgt.com%2Fads%2Fmaster-opt-out%3Fsrc%3DAMBP%26op%3Dreport%26tok%3D7385421516%26pf%3Dvid%26st%3D
https://ad.amgdgt.com/ads/master-opt-out?src=AMBP&op=report&tok=7385421516&pf=vid&st=nt
https://cdn.amgdgt.com/base/pixels/transparent.gif

43 B
400 B

14ms
14ms

Image
image/gif

2600:9000:2070:3000:10:8317:ee40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amgdgt.com/base/pixels/transparent.gif
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/master-opt-out?src=NAI&action_id=3&participant_id=636&rd=https://preferences-mgr.truste.com&nocache=0.3023936162572405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:3000:10:8317:ee40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303

Request headers

Referer: https://ad.amgdgt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 02:48:28 GMT
via: 1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2015 18:15:05 GMT
server: Apache
age: 857085
etag: "2b-514e0f55a9e7d"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 48o6wQYOZHfnemWLQictFzX10uUw8fy1LL5hGhsJzDbVcBaQu3CqKg==
expires: Fri, 30 Apr 2021 02:48:28 GMT

Redirect headers

Date: Sat, 10 Apr 2021 00:53:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cdn.amgdgt.com/base/pixels/transparent.gif
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
preferences-mgr.truste.com/token/636/2/90827426468215186874/ Frame 989E 574 B
800 B 118ms
117ms Document
text/html 54.230.183.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/636/2/90827426468215186874/
Requested by: Host: ad.amgdgt.com
URL: https://ad.amgdgt.com/ads/js/optout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-51.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 6d7bb0de80823f862ba2c4d084fe0d0706e8ff8222073fda68ad601dac340eca

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/636/2/90827426468215186874/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.amgdgt.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.amgdgt.com/

Response headers

content-length: 574
date: Sat, 10 Apr 2021 00:53:13 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: 7TrRD8hhaoKeOBZOE2_xkEZUf88brICZPFevGNZAc6TVBuUm_CNb0A==

GET
H2 204 id Show response
id.sharedid.org/ 0
214 B 508ms
166ms XHR
text/plain 34.212.63.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.212.63.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-63-181.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://upnorthlive.com
pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame DCFB
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

6ms
6ms

Document
text/html

3.64.73.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d04a77e4520206ba58e559faa335d72053931f805d397d46c32b85e8b48dce59

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=2028676289241410892
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

date: Sat, 10 Apr 2021 00:53:16 GMT
content-type: text/html; charset=utf-8
content-length: 477
set-cookie: sync=CgoIgQIQ-5eTyosvCgoIkQIQ-5eTyosvCgoI4gEQ-5eTyosvCgoIkgIQ-5eTyosvCgoI5gEQ-5eTyosvCgoIhwIQ-5eTyosvCgkIOhD7l5PKiy8KCQgLEPuXk8qLLwoJCF8Q-5eTyosvCgkIHxD7l5PKiy8=; Max-Age=7776000; Expires=Fri, 09 Jul 2021 00:53:16 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2028676289241410892; Max-Age=7776000; Expires=Fri, 09 Jul 2021 00:53:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Sat, 10 Apr 2021 00:53:16 GMT
content-length: 0
set-cookie: tluid=2028676289241410892; Max-Age=7776000; Expires=Fri, 09 Jul 2021 00:53:16 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame FEC3 0
0 335ms
108ms Document
text/plain 208.100.17.180
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c0L0awECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=c0L0awECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Sat, 10 Apr 2021 00:53:16 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame B685 0
0 334ms
109ms Document
text/plain 208.100.17.180
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cXBL-QECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=cXBL-QECOr6OoraKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Sat, 10 Apr 2021 00:53:16 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2F56 281 B
554 B 21ms
6ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upnorthlive.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 10 Apr 2021 00:53:16 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D267 52 KB
17 KB 28ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upnorthlive.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 08 Apr 2021 05:51:50 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 10 Apr 2021 00:53:16 GMT
Age: 68484
X-Served-By: cache-lga21934-LGA, cache-fra19171-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 496311
X-Timer: S1618015997.926502,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 0BDC 20 KB
8 KB 16ms
14ms Document
text/html 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

07878f5a2df3ad656a53dea5baa59b338a4dd34df4c961b9c322490cc6688d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU34Q8WJ&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upnorthlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Tue, 12 Oct 2021 00:53:16 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=127402
expires: Sun, 11 Apr 2021 12:16:38 GMT
date: Sat, 10 Apr 2021 00:53:16 GMT
content-length: 7623

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 23F6 2 KB
1 KB 22ms
6ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upnorthlive.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://upnorthlive.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 10 Apr 2021 00:53:16 GMT
Content-Length: 1151
Connection: keep-alive

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2F56 31 KB
10 KB 6ms
6ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45b8bf05733006e1b2830b351901103a5beb752d6ae4f3ec30f514a089302ca3

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 23:26:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=70018
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9420
Expires: Sat, 10 Apr 2021 20:20:14 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 4B39
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

17ms
17ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dbb3f27adfb228dd352df07465923977f49b06d0f80f282af65f7ceb474dc9e9

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YHD2-PGrZHEfrkGs5ZO5PQAA; CMPS=3226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|4|111|8|176
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1562
Expires: Sat, 10 Apr 2021 00:53:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YHD2-PGrZHEfrkGs5ZO5PQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Apr 2022 00:53:16 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 00:53:16 GMT CMPRO=1120;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 00:53:16 GMT CMRUM3=b06070f6fc05a00&6f6070f6fc05a0&276070f6fc0b40&086070f6fc05a00&e66070f6fc27600&2d6070f6fc05a0&046070f6fc05a0&f16070f6fc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Apr 2022 00:53:16 GMT CMST=YHD2-GBw9vwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Apr 2021 00:53:16 GMT

Redirect headers

Server: Apache
Content-Length: 338
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 10 Apr 2021 00:53:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YHD2-PGrZHEfrkGs5ZO5PQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Apr 2022 00:53:16 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 00:53:16 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DCFB 70 B
264 B 93ms
29ms Image
image/gif 54.72.59.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

8ms
7ms

Image
image/gif

3.64.73.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBWDgKiowRiGCNfaM1aZWUU&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DCFB
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=

170 B
201 B

43ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAyODY3NjI4OTI0MTQxMDg5Mg%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ Frame DCFB 42 B
444 B 51ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=2028676289241410892&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:16 GMT
etag: "506f5bd17ad71:0"
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref: Ref A: FA4233D7200E402088F42427645FC555 Ref B: FRAEDGE1318 Ref C: 2021-04-10T00:53:16Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/2028676289241410892?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883

37 B
352 B

7ms
7ms

Image
image/gif

3.64.73.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sat, 10 Apr 2021 00:53:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-e0Vm8YxE2oTcFNHAgxafn2gtWFETX7BBJZJYUz4qrw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

8ms
5ms

Image
image/gif

3.64.73.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:16 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: ab74e93f-b6f6-414a-8ffe-fabd82b28f76
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=943434866460797159&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame DCFB
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2028676289241410892
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t

0
0

91ms
91ms

Image
text/html

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2028676289241410892&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame DCFB
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

6ms
6ms

Image
image/gif

3.64.73.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.73.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-73-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame DCFB 0
0 45ms
21ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2028676289241410892
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame DCFB 0
0 36ms
12ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2028676289241410892
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame D267
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
816 B

13ms
13ms

Script
text/html

185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:16 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid: 6405040b-4c85-4cbd-b6de-fa0c92b015af
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:16 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid: a90821d6-0bfd-4dc1-b10c-7e0196efc205
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2F56 284 B
536 B 29ms
6ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4B39
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t

43 B
433 B

91ms
90ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 4B39
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHD2_PGrZHEfrkGs5ZO5PQAABGAAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1

43 B
315 B

15ms
14ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELP6UjRE3PdkppHSQEXaD8U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4B39 70 B
265 B 37ms
29ms Image
image/gif 54.72.59.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YHD2-PGrZHEfrkGs5ZO5PQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.59.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4B39
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHD2-PGrZHEfrkGs5ZO5PQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1

43 B
1021 B

12ms
11ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJhw-n1tdVmlS2Kof5j_U30&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B39
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972

43 B
1 KB

18ms
12ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8900624171902418972
pragma: no-cache
date: Sat, 10 Apr 2021 00:53:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 4B39 0
331 B 57ms
17ms Image
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 00:53:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4B39
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997

43 B
1 KB

12ms
11ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 10 Apr 2021 00:53:17 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0c305fc9-2663-4e9d-9124-27a5e538edda&expiration=1649551997
date: Sat, 10 Apr 2021 00:53:17 GMT
server: Kestrel
content-length: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame 4B39 0
44 B 314ms
102ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:53:16 GMT
content-length: 0
server: b

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4B39 43 B
425 B 8ms
6ms Image
image/gif 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YHD2-PGrZHEfrkGs5ZO5PQAA%261120
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://upnorthlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 00:53:17 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1021
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 10 Apr 2021 01:10:18 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D267 0
745 B 14ms
14ms Script
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 00:53:17 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: 9bc6592f-7153-4ffd-b633-f1bd08b3bf7f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: optout.mxptint.net
URL: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prefmgr-cookie.truste-svc.net/	1970-01-19 17:26:56	Name: cookie_3rdparty Value: enabled
.upnorthlive.com/	1970-01-20 02:48:31	Name: __gads Value: ID=00c78ae8976e7356-22c935340bbb00da:T=1618015991:S=ALNI_MaRMHzllCguYZS1yzanLZ5YXkr3-Q
.upnorthlive.com/	1970-01-23 09:02:55	Name: xdibx Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAGwEAcADAQKwCcNBNRNANCBgG6wB22hru-VMTKVa9Rizbtc3XkNaIkAGzQgAFtmwZcqAPS74GLgHtE2NUoCW7AKYA6WMYC2dgIYATJ5a4BaG.AdXXDsnXF0QViVlVXDIvEISCmo6BiYAX1YIGAxEG3Y0UHdXAE9BAG1hJLEGUioAXQzwKGg8mx5BYEasuEt3VUhSUkgAFgB2d2GfACZRqdcfYdgAMyWfSCmiAGYfTaIqOfJ3Jk33Gh9K0RThqk2QNKA__

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1) Message: Auth0 client for: upnorthlive
console-api	log	URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1) Message: Auth0 client for: upnorthlive
console-api	warning	URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1) Message: Filter(s) 'top_videos_teaser' did not return data.
console-api	warning	URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1) Message: Filter(s) 'premium_content_teaser' did not return data.
console-api	warning	URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1) Message: Filter(s) 'teaser_4' did not return data.
console-api	error	URL: https://static-21.sinclairstoryline.com/resources/assets/2021-04-05T18-26Z/upnorthlive/compiled_js/presentations-home_v1.min.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js(Line 6) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://ads.rubiconproject.com/prebid/21162_WLOS_WPMI_Sinclair_DM.js(Line 6) Message: fun-hooks: referenced 'adpod' but it was never created
console-api	log	URL: https://sinclairstoryline.com/resources/defaults/userway/widget.js?2021-04-05T18-26Z(Line 1) Message: Loading for: https://upnorthlive.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
acuityplatform.com
ad.amgdgt.com
ad.turn.com
ad.wsod.com
adf60b992c65a6011be0ced3d07caafa.safeframe.googlesyndication.com
ads.rubiconproject.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adssettings.google.com
adssettings.google.de
analytics.twitter.com
ap.lijit.com
api.retargetly.com
api.userway.org
apolloprogram.io
app.link
apps.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.amgdgt.com
cdn.pubmatic.com
cm.g.doubleclick.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
contextual.media.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.sharedid.org
idsync.rlcdn.com
ingest.tidaltv.com
jadserve.postrelease.com
js-sec.indexww.com
lightboxapi.azurewebsites.net
match.adsrvr.org
match.deepintent.com
mcasproxy.azureedge.net
ml314.com
mug.criteo.com
my.ipredictive.com
nai.sharethis.com
oba.media.net
oo.rfihub.com
optout-service.unrulymedia.com
optout.33across.com
optout.alphonso.tv
optout.bigsea.weborama.com
optout.crsspxl.com
optout.mediaforge.com
optout.mxptint.net
optout.prod.bidr.io
optout.steelhousemedia.com
optout.thrtle.com
optout.tynt.com
pagead2.googlesyndication.com
partner.knorex.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
preferences-mgr.truste.com
prefmgr-cookie.truste-svc.net
privacy.eyereturn.com
privacy.tapad.com
publisher.tradedoubler.com
r.turn.com
s.amazon-adsystem.com
s.thebrighttag.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segments.company-target.com
server.cpmstar.com
sinclairstoryline.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static-14.sinclairstoryline.com
static-17.sinclairstoryline.com
static-20.sinclairstoryline.com
static-21.sinclairstoryline.com
static-22.sinclairstoryline.com
static.criteo.net
stats.g.doubleclick.net
syndication.twitter.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
upnorthlive.com
upnorthlive.com.admin-eu.cas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.mathtag.com
optout.mxptint.net
104.108.48.61
104.111.230.142
104.111.238.139
104.244.42.67
104.244.42.72
104.36.113.45
107.178.244.119
107.178.246.49
13.225.74.23
13.227.156.67
142.250.185.162
151.101.129.108
152.195.39.15
152.195.39.7
154.59.122.74
169.197.150.7
178.250.0.157
178.250.0.165
18.159.182.76
18.195.221.58
184.30.20.207
184.30.212.16
184.30.24.22
185.33.223.178
192.229.163.105
193.0.160.128
198.148.27.139
199.127.206.102
20.40.202.0
208.100.17.172
208.100.17.180
208.100.17.190
209.234.224.20
209.240.97.247
213.19.162.41
216.58.212.162
23.218.208.200
23.218.208.246
23.235.251.211
2600:9000:2070:3000:10:8317:ee40:93a1
2600:9000:2070:e00:f:805c:9d00:93a1
2600:9000:214f:a600:19:9934:6a80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:108d
2606:4700::6810:4da5
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c0b::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:64::210:6bb9
2a05:d018:24:b002:ebbe:4057:3491:6f67
3.212.101.34
3.212.71.107
3.64.73.215
34.198.105.228
34.212.63.181
34.247.104.176
34.98.64.218
35.201.113.59
35.241.54.71
35.244.174.68
37.157.4.28
46.137.100.162
46.228.164.11
51.137.137.121
52.13.120.19
52.206.115.27
52.209.12.92
52.209.235.181
52.21.43.22
52.222.179.127
52.222.179.8
52.27.71.113
52.3.51.165
52.85.32.122
54.174.195.234
54.191.67.155
54.229.183.250
54.230.183.51
54.67.80.248
54.72.59.228
54.86.128.41
65.9.66.85
66.81.204.42
69.173.144.138
69.173.144.139
70.42.32.191
72.21.206.140
72.251.249.13
74.121.140.207
82.196.187.199
0377374a761dcbc940ce09a8bddca342bf82ab59aa7e03dd290f2db39a4132ac
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f4208938b42b9634fe6311c817d44aa7dcf2cbbe27c522cfa897ede47c4348
07878f5a2df3ad656a53dea5baa59b338a4dd34df4c961b9c322490cc6688d2f
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0cd2d67b020f039e7f25bb2f9af1442a4ee8911166599074e7bce94dbcef5735
0f9cc9b3cae7840738dd1595147e5cc5af31706d3d639c312685e0a3762498d0
0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7
10406e8a8da92b579c175776734224be967af1ef702a321e07386dd9fbf616b8
117420691b3b16ce517a899de4b81d60830ae1e8e772fd4d5d1411f30892739e
131f41b108db39cd46531df1395910462310f8e90ebf4b497585febad5dd0861
136a6b973440649afe68d466601288842badcc28af82900d4a276fc0a8f4739c
13f5ddb50d8506f227f9ed4039d935ccbea8390f52b946c11de4f73a7dabbcc2
1666b41d1d6fb7ba772113768f30b4b59a7494633f656ff4b12fe2a410c6c9ee
1833036e59f595f3007bd6c8797572b435a64348a7db76e80a2f1b51d3a78edd
1a53825329f39e7b0723e96298beb500daad40964d9dfeffbeb08d73686cfcaa
1ab55a824da62adbbcda89e11372c836f1c9bb6eb9fae920b43ff8441528b514
1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
244c6dae6dcb45d4f8890326398b2e39628b713f4f37f327a492b5b163083d72
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
271f79f960e820927bf1c36a9e69fa9225aea2accc00db4c249ecd46cd80ccab
2835a99da0b9f083bc588b75a135ffc8fc5aa5eeaca1ec837cafadd821717975
2c2ae74cd960162eb7e7ea977f36e533c9c33a56bce6a5f8398aae1b64d20c8a
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2e578b8901bc4b1b3a6aca07e22e4c843356c51b37400ae8276d1396b3eb578d
2ef50a13371119fd9955296ba0de5395196888719ea9b2954817329b4f4bf66e
2ef794e6984277c05c475b8eef5d63fefef122b5277c4ae2a642d1be51061a58
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc
32e7839121081d59bd1d0d07a78011d28774c8d51facb5b29ce37d2d7554bebc
355547042271a8468f9fce8d27b789371baf3dba83ce22c12dd39059c20326be
3975ae177459f79bf5425cf9922417e008d8e1e9238cb2fd4a79598c8d312d2b
3b416a15d3dc9e914a04ddad4ed898c67db545111ec2334b6daec8c651bdfad0
3c5f53aff6d441c50735e4c5602ec1ac9542b11a80ee88c629c8362cf45b821b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44db3e0e87a37f05946e03c556f652a6bd2b278865b79205df01642427bf3700
45b8bf05733006e1b2830b351901103a5beb752d6ae4f3ec30f514a089302ca3
4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8
484f8c448bb3aadb57ec2d3836c4471900590d84ab7670d5402e743d81877418
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b2c7b26bc96741ad437b155a08a1c9041f449315adbce690dc7389b406fd896
4de849272e972f7e1c1e63a27b30431024b425886fc348b69dc7ce13f354fde0
4fe12fff404827bb3cc449c4c426209178b1c861ec48cdaa6858e0fe9f0f7a7d
535e3c7d266c5878e9ebfe4acef027d54381cee300a85214f522ce4af1ea4620
537d6857eb313c9cc41ce5e1de997f18d9de59db295b4f269af05390d3d9cd87
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55b6f92da77357e33d80dc8799f4819168ebb769fe84e5d62580226e70179e0c
59e99e604fc499733fd4dc9d7a2892de11f995834ddd3a9141c968f71f5ecf5e
5a49b9b20ad53280f362f2003a487fe07a4b2511087fe910af63d93de39ea3af
5c7356876ee608f5a196f1e886f6c01fce8fae3a9aa490992100d2e6e70cef4b
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5d6ab03b7edd684c42260cfc1d148cd5b93e3211510f76fa46a222bc710100c1
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fdfd6687de487f1d905e9027e96976d8e64f372760701170354d763cabbfd79
67175599b4bdf8d3df9fa17e11d12ea2396ad2f6997a70b44e701966b930ec8f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c027717a0ba438f610ea737761a64fb46156625f9f4f556d625818b4465fdc9
6d7bb0de80823f862ba2c4d084fe0d0706e8ff8222073fda68ad601dac340eca
6dd5817d84d64a910ccbf4eec4cad7c00e948f0ba85483639e3d6d6b4282f992
6e60407537ae8be31f1c4776a6e6ff512a603ef7a1fabc8f6386ff2410b16d31
6fe051207d5e3a4069984f25ddd5546ef03cc0ccb60c5d13c6b8ba5609991f1b
6fe7194ba101f7c3ec76c6367fe1c8c64add38d5c422ecc135a96fafbc897160
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747bc8ae0549fa92f0014a533d517ba9c0019a02b90a50617450fcf409d2e2d7
7515ae2c781acc2c7c66d80e897451ad0c9ce8c44397b1892c4e02fc53f3d290
764144e9b05f681ff2922932c02c587f104171e5757d7869f9d8ea7d568fe7d4
7a7775f415fea31da2a36fc90e41377336c6d58d9b3e6e12654ff39637ae826e
7d67c5c27921c0861baa3d791ae92cead36ca1e13abcf0e2e0ebe9bb37499953
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f0e8cd2feb2035c7f3fd212db34ce1919e1b0d9df0a258e2b4b084ad040b312
7f48469648e59b2f575ad2ae883c9627e1956540594edc21aacf991f85d84bd3
8140ad7808211f9a5a88486ee37093f52e4358c6160d794cda8628611a9547a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862dc87fba8cf3233eedca7a7b8a3f4a99659743c06233a59193251e0cc63887
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d82795f917e756769f17cf910877d2fba99a8452fa30277e9c3e5448ea8a683
8f4c27880df39d1259644af70d534ca29ec1d19a7c3dbcc4c9764897507a2778
8ff62030ec15826d5df76673030a7722e255ccd09fe2de0fb04c5018f5e02689
900deb659d8e49f0613e796f4fe8b23f796b1fb4e827cc258a7f00f099a6ab50
908d86d005c71e17e784289ce0fcb55196fdb3be56f89dc3732debed159d9a5b
929ad20bec867ac8b707cab1390cd2af02c4dde55d0967a6050ccddc29c696fa
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
952c883ee56edb4c06f0d9b857fb33ce5bb06f7afb5406f5981be30a1c1f7303
9821ab0c2c0ec5b01063600d74683297ce2374c280142908a947ae553b60a027
983e7c47781c01a8459f139d3e578ba0ac947bf6c2940b4f97f546e12b5456e9
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0d17e305184462011635445935a531dc59d96d27365188bf15122252ef6c30
9b78db6cb4331fe0399147b9c80d6803519842f96c929e6fb0b0ef6a3f11a6ed
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d70c582c2d363673895b9ecaca7073d1551922cec23e54741c2aac192180c7d
a0ad02cbe5da6bc9aeed110115df7118987aca4f140364be57203c0dcf5d5430
a177e8ff280682c069e01489261f08a331fcc9f64984afbaa718c8ced5a05c39
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55b1cbb17117e8456b5637969d4d6d7ede32d26e4abbce0afcb08476eba2028
a7f60c416ef0c514645c9bc69a03326657377f6678019cf7e6a8e813a6606ebb
a848963d27e6a14c1bafd1821fe96b4e3e946aca4411e02530505d9f5036a884
a84d6b5a26df2f5550f066a6f55ffda41c871a58132a2e639c296631e687f59d
a8887f5de93bb873789859f8f687910c0d1507c6d6ced9a7ae9ebde454c16e40
aa7555acbd8369c3dce4727adcbe24260c9dc454062ee54de0caca399a923275
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecdfb202cfb299b55a857255a27871a3009a9e16d849a08698f52916870d064
b0f77080bf5e1eab5dc36b6cb1bf723099b68ed7ca000f26bd6bcf7ae23765c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b4dceaafa67e075e941f080e2fa84378b602fdbaba191913dfd0111eea1ca04b
b686e3e2a293833a4692aabe20e2e61115fafc0a4df592641e07d0eefb64f484
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a
bc564ae75ba1345b7bb82cc602475bc3c120e4fa797d04259fdc88de4e8de8e9
bd277ad6d60a7fe60598511497812870cc04813dd27687a719643b11aa0746e1
bd2b00335c6b8119de2825b310cbc2fbebb2db78ce8fa0df327befc183c453a4
be5b8c67c012c59243ec6a8975702e7eb6dce00b045b29a0f0e70dce8c969ec0
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c248492a5b3a9413082160d736e93d2d3b91e6835e98bf55936aaea3f7790d36
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c578d93bd6243796ab26121da301fbed5ab6cd4732f64c655b1d61d2c3d718ca
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf397f2edeaa198aa0b9dcd6b6ecb5196e2c7d7feec2a0b582ab00167c3d16c7
cfa76b1c4ea631c14e2bd76a3061da97e0954a6bde16f6e772bace1261f28eb7
d04a77e4520206ba58e559faa335d72053931f805d397d46c32b85e8b48dce59
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d271475996f1116e769492318370e47c2c3bd8b31f76af2bab2398a443025012
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d78fe450f8b2ca0f9ffe638799c566507285b1eea78c36badf86e3b656245ba7
d825f9395d9d9ef4ce659f3bdaf62647257cbfed59b499103ce2e11e5e31babb
d9802af64401b98446e9674c0f11b5944c2eeb0d513bf444679e7707114286ae
dbb3f27adfb228dd352df07465923977f49b06d0f80f282af65f7ceb474dc9e9
ded567f565b246426e50cdff9cea1d2854ddd6e834c2fc632f5344f968558d4a
e0c6b301f5981bd273ccd5790d6052d17b4d1f7e4cae2e8f64ec2a8f87b87ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e95d15ad98d4be356d54b9f78d43fcd0c639c27d19293ce5b8f30c7ce1fb342e
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
edcd3d43899d89d9a4acf9a6ec0877fc33af669a692c1861220a9b5c4b681b95
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
eef07791a4f3f6d6fd9d45496f4f92e048b285f6fa1a062bf6fbb4d98feb76a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec5394dfd449bbe933fad5abd3dc6991d17596494f4cd12990a8e35b33e3f9
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f5a36ac4a5dd24ed420fe399ad8ac785f6d324f02751214530ba131f1a2b9c45
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa4d3670359e679267952d9e9c3df429eb537919387aabde80ef9de871a2e5fc
fc4611877a14e1b951878b90c5f369789b44ecda5d8b3c9ae231df83432fb898

upnorthlive.com Open in urlscan Pro 152.195.39.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

99 %HTTPS

27 %IPv6

80 Domains

117 Subdomains

66 IPs

10 Countries

2464 kBTransfer

6953 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

upnorthlive.com Open in urlscan Pro
152.195.39.7 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

99 %
HTTPS

27 %
IPv6

80
Domains

117
Subdomains

66
IPs

10
Countries

2464 kB
Transfer

6953 kB
Size

3
Cookies

200 HTTP transactions
0 data transactions