www.postfun.com Open in urlscan Pro
104.92.81.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-m...
Submission: On December 07 via manual (December 7th 2021, 2:49:12 am UTC) from US — Scanned from DE

Summary HTTP 235 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 64 IPs in 12 countries across 63 domains to perform 235 HTTP transactions. The main IP is 104.92.81.94, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.postfun.com.
TLS certificate: Issued by R3 on December 3rd 2021. Valid for: 3 months.

This is the only time www.postfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	104.92.81.94 104.92.81.94	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	18.66.248.14 18.66.248.14	16509 (AMAZON-02) (AMAZON-02)
1 4	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
5	2600:9000:211... 2600:9000:211e:1c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
2 3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
1 3	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.197.208.127 34.197.208.127	14618 (AMAZON-AES) (AMAZON-AES)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2 3	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.28.162.206 52.28.162.206	16509 (AMAZON-02) (AMAZON-02)
2	18.197.121.240 18.197.121.240	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:4800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:8c00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.10 13.35.253.10	16509 (AMAZON-02) (AMAZON-02)
1	52.217.85.16 52.217.85.16	16509 (AMAZON-02) (AMAZON-02)
11	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	34.243.93.43 34.243.93.43	16509 (AMAZON-02) (AMAZON-02)
1	44.238.136.108 44.238.136.108	16509 (AMAZON-02) (AMAZON-02)
1 27	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	54.187.25.111 54.187.25.111	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	34.211.237.159 34.211.237.159	16509 (AMAZON-02) (AMAZON-02)
5 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 20	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12 15	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
5 5	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 6	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	52.89.213.37 52.89.213.37	16509 (AMAZON-02) (AMAZON-02)
1 6	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 7	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
5	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:10:... 2606:4700:10::6816:72d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	18.194.4.47 18.194.4.47	16509 (AMAZON-02) (AMAZON-02)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
5 6	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2620:119:50e7... 2620:119:50e7:101::9002:e05	14413 (LINKEDIN) (LINKEDIN)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:60e0:c53a:cd30:7167	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	64.74.236.63 64.74.236.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	52.215.68.151 52.215.68.151	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	23.88.75.189 23.88.75.189	24940 (HETZNER-AS) (HETZNER-AS)
1 1	52.200.181.105 52.200.181.105	14618 (AMAZON-AES) (AMAZON-AES)
1 1	188.165.4.142 188.165.4.142	16276 (OVH) (OVH)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 2	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1	54.194.104.251 54.194.104.251	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	() ()
235	64

61 104.92.81.94 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-81-94.deploy.static.akamaitechnologies.com

www.postfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-14.dus51.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:211e:1c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

hive-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.208.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-208-127.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.162.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-162-206.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.121.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-121-240.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:4800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8c00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-10.fra6.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.85.16 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

hivemedia-images.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

s.update.hmstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.136.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-136-108.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.25.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-25-111.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.211.237.159 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-237-159.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.181.226 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.134.248 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (United Kingdom) 6 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.213.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-213-37.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:72d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prebidtest.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.4.47 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.29 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e7:101::9002:e05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:60e0:c53a:cd30:7167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.63 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.68.151 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-68-151.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.181.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.4.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.236 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.22.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.104.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-104-251.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	postfun.com www.postfun.com	676 KB
27	facebook.com 1 redirects www.facebook.com	5 KB
26	pubmatic.com 2 redirects image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	31 KB
19	doubleclick.net 12 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	146 KB
12	hmstats.com s.update.hmstats.com	52 KB
11	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	16 KB
11	facebook.net connect.facebook.net	739 KB
8	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	3 KB
8	openx.net hive-d.openx.net u.openx.net eu-u.openx.net rtb.openx.net us-u.openx.net	11 KB
7	adsrvr.org 5 redirects match.adsrvr.org	3 KB
7	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	177 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	5 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	41 KB
5	bidswitch.net 4 redirects x.bidswitch.net	2 KB
5	mathtag.com 5 redirects sync.mathtag.com	3 KB
5	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	19 KB
5	spotim.market 1 redirects ghb.spotim.market sync.spotim.market	3 KB
5	google-analytics.com www.google-analytics.com	24 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	taboola.com 1 redirects cdn.taboola.com trc.taboola.com match.taboola.com	2 KB
4	p-n.io cdn.p-n.io k.p-n.io	56 KB
3	bidr.io 3 redirects match.prod.bidr.io	2 KB
3	lijit.com 1 redirects ap.lijit.com	1 KB
3	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	11 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	896 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	883 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	turn.com 2 redirects ad.turn.com	930 B
2	adtelligent.com sync.adtelligent.com	788 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	603 B
2	contextweb.com 1 redirects bh.contextweb.com	784 B
2	zemanta.com 2 redirects prebidtest.zemanta.com b1sync.zemanta.com	653 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com	645 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	463 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	mookie1.com odr.mookie1.com	324 B
1	simpli.fi um.simpli.fi	618 B
1	iprom.net core.iprom.net	279 B
1	ad4m.at ad4m.at	915 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	327 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	650 B
1	loopme.me 1 redirects csync.loopme.me	216 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	334 B
1	bing.com c.bing.com	594 B
1	linkedin.com px.ads.linkedin.com	812 B
1	rfihub.com 1 redirects p.rfihub.com	750 B
1	deepintent.com match.deepintent.com	44 B
1	omnitagjs.com visitor.omnitagjs.com	158 B
1	aufp.io aufp.io	3 KB
1	amazonaws.com hivemedia-images.s3.us-east-1.amazonaws.com	8 KB
1	quantcount.com rules.quantcount.com	356 B
1	postrelease.com exchange.postrelease.com	393 B
1	scorecardresearch.com sb.scorecardresearch.com	1 KB
235	63

	Domain	Requested by
61	www.postfun.com	www.postfun.com
27	www.facebook.com	1 redirects connect.facebook.net
15	cm.g.doubleclick.net	12 redirects eu-u.openx.net eb2.3lift.com
12	s.update.hmstats.com	www.postfun.com s.update.hmstats.com
11	simage2.pubmatic.com	ads.pubmatic.com
11	connect.facebook.net	www.postfun.com connect.facebook.net
9	image2.pubmatic.com	2 redirects ads.pubmatic.com
8	ids.ad.gt	1 redirects
7	eb2.3lift.com	2 redirects www.postfun.com eb2.3lift.com
7	match.adsrvr.org	5 redirects eu-u.openx.net eb2.3lift.com
6	c1.adform.net	5 redirects ads.pubmatic.com
5	x.bidswitch.net	4 redirects eb2.3lift.com
5	sync.go.sonobi.com
5	sync.mathtag.com	5 redirects
5	www.google-analytics.com	www.postfun.com www.google-analytics.com
5	quantcast.mgr.consensu.org	www.postfun.com quantcast.mgr.consensu.org
4	sync.spotim.market	1 redirects www.postfun.com
4	sync.1rx.io	4 redirects
4	c.amazon-adsystem.com	www.postfun.com c.amazon-adsystem.com
3	match.prod.bidr.io	3 redirects
3	eu-u.openx.net	www.postfun.com eu-u.openx.net
3	ib.adnxs.com	2 redirects www.postfun.com
3	ap.lijit.com	1 redirects www.postfun.com
3	securepubads.g.doubleclick.net	www.postfun.com securepubads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ad.turn.com	2 redirects
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	us-u.openx.net	eu-u.openx.net
2	pixel.quantserve.com	2 redirects
2	sync.adtelligent.com	ads.pubmatic.com
2	pixel-sync.sitescout.com	2 redirects
2	bh.contextweb.com	1 redirects
2	ads.pubmatic.com	www.postfun.com ads.pubmatic.com
2	trc.taboola.com	1 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	secure.adnxs.com	2 redirects
2	k.p-n.io	cdn.p-n.io
2	cdn.p-n.io	www.postfun.com cdn.p-n.io
1	simage4.pubmatic.com	ads.pubmatic.com
1	rtb.gumgum.com	ads.pubmatic.com
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	odr.mookie1.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	image6.pubmatic.com	ads.pubmatic.com
1	rtb.openx.net
1	prebidtest.zemanta.com	1 redirects
1	p.rfihub.com	1 redirects
1	ssum-sec.casalemedia.com	www.postfun.com
1	match.deepintent.com	www.postfun.com
1	visitor.omnitagjs.com	www.postfun.com
1	u.openx.net
1	pixels.ad.gt	p.ad.gt
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	a.ad.gt	www.postfun.com
1	hivemedia-images.s3.us-east-1.amazonaws.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	tlx.3lift.com	www.postfun.com
1	htlb.casalemedia.com	www.postfun.com
1	ghb.spotim.market	www.postfun.com
1	exchange.postrelease.com	www.postfun.com
1	apex.go.sonobi.com	www.postfun.com
1	hive-d.openx.net	www.postfun.com
1	secure.quantserve.com	www.postfun.com
1	sb.scorecardresearch.com	www.postfun.com
1	cdn.taboola.com	www.postfun.com
235	92

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
www.trend-chaser.com R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
ghb.spotim.market ZeroSSL ECC Domain Secure Site CA	`2021-10-27` - `2022-01-25`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.p-n.io Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
update.hmstats.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
aufp.io Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
sync.spotim.market ZeroSSL ECC Domain Secure Site CA	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-03` - `2022-06-03`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.iprom.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Frame ID: 7FCA5DEAE4895B25C91D283F6A412797
Requests: 164 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9d8b219d7e198%2526domain%253Dwww.postfun.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.postfun.com%25252Ff6aab08844b7c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPostFun%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
Frame ID: 1CA63852C921644625D10AD17F4DB378
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.postfun.com/fb019e54-4d5b-4e62-830b-6b4f4f0489e5
Frame ID: 5769A7347E23E0F7AD5C45548EE089CE
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 102D9D7E4950C2A6413D654ED5834AD8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C34BC703224698530C6B55EDC78539F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DB907DDE070B77D0C410919ACE5883C6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6C6D5AB0925C81B55F9B26BA9A0E26D7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7ABA05C2AE54C8A3363BE3BB6285840C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 86187D246A2CDAD076B754458BF0EBA7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1021083ED1A3D7D72BD52FF325226175
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 81F688C6F5409C5E9D6F45A5CB359CAE
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Frame ID: 5C6295169DB28C7C206A33ADF5968D25
Requests: 7 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/bsync?uid=a2f4646f0e2874d3
Frame ID: 5E856BC987424E04A2904B483EB678C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: D65EADA22F1629A7F97AE8899A11F241
Requests: 23 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3CF876BC7DC6F505B6BBDC956B609F46
Requests: 11 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4946990725677477747
Frame ID: 9297E5BC9E347FDE2CE65DA83D1A8431
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13416134
Frame ID: 8E6D4FEBF41FEAE36B9341737DA54246
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/136?id=unk&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D462323%26extuid%3D
Frame ID: 2759F072EA34EC758C6C7B8A87B6D5C4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=%20190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
Frame ID: 86C5D58416C1918E71F28C2D7109403F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
Frame ID: 63B96B71E28F9DBF908677313AF4D527
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4815254603872434894
Frame ID: 55590FE98A49533FF9D0784356C0B16B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D3E92AB6322E74F2C3ACED18D494D492
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038787181459601555
Frame ID: 0331F3CAD49D374510918437DB2C5B5B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya7LpgAKBVP5vgAz&gdpr=0&gdpr_consent=&_test=Ya7LpgAKBVP5vgAz
Frame ID: E2090069A3FE2A9589FE206CDE24AE87
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AArVgU7DXZcAAH2sjHsDFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 777BD03052E907EDD53570B6700CC07E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
Frame ID: 8CD93E5F6DBF379EB5398B9DC0878690
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: B9DB12B70473C30FD5690106D7C067C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X21iblsnQN18-TWJYWmbZcEbDhg
Frame ID: DF56DEEAD034CEDBA09EEC0C30F07EE8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3NHaNOmpjkOoVSql0xQMX8Jp
Frame ID: E2785F70321A653C7B0C7766C903EC23
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E2F94DCF9E92AC231992ABA7F91F2A1B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: DAEBBF65E9AA28935F19828B7AFB3411
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: C1E2EEF673B67788004D40DA813939BB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=23284b73-ea0c-4930-986b-5e58c1bc909b-tuct8a85126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 16AAE3BAC90F71B94221F5065D1A08D9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
Frame ID: D92A999ADE8263AB4491F3754E50D8D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

These NBA Players Are Working 9-5 Jobs Since Retiring - Post Fun

Page Statistics

235
Requests

81 %
HTTPS

21 %
IPv6

63
Domains

92
Subdomains

64
IPs

12
Countries

2027 kB
Transfer

6635 kB
Size

132
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dshare-facebook%26utm_content%3Dfacebook%26utm_medium%3Dmainnav%26utm_campaign%3Dshare-mainnav

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dshare-pinterest%26utm_content%3Dpinterest%26utm_medium%3Dmainnav%26utm_campaign%3Dshare-mainnav&media=https://www.postfun.com/wp-content/uploads/2019/02/greg-oden-retired-nba-career-62188.jpg&description=These+NBA+Players+Are+Working+New+Jobs+Since+Stepping+Off+The+Court

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dshare-twitter%26utm_content%3Dtwitter%26utm_medium%3Dmainnav%26utm_campaign%3Dshare-mainnav

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dshare-pinterest%26utm_content%3Dpinterest%26utm_medium%3Dsidenav%26utm_campaign%3Dshare-sidenav&media=https://www.postfun.com/wp-content/uploads/2019/02/greg-oden-retired-nba-career-62188.jpg&description=These+NBA+Players+Are+Working+New+Jobs+Since+Stepping+Off+The+Court

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dshare-pinterest%26utm_content%3Dpinterest%26utm_medium%3Dfooter%26utm_campaign%3Dshare-footer&media=https://www.postfun.com/wp-content/uploads/2019/02/greg-oden-retired-nba-career-62188.jpg&description=These+NBA+Players+Are+Working+New+Jobs+Since+Stepping+Off+The+Court

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9d8b219d7e198%26domain%3Dwww.postfun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.postfun.com%252Ff6aab08844b7c%26relation%3Dparent.parent&container_width=300&hide_cover=false&hide_cta=true&href=http%3A%2F%2Fwww.facebook.com%2FPostFun%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9d8b219d7e198%2526domain%253Dwww.postfun.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.postfun.com%25252Ff6aab08844b7c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPostFun%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300

Request Chain 130

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&adnxs_id=4946990725677477747

Request Chain 131

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=85f4d67c-3ab3-450c-b420-539570656946&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17

Request Chain 132

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&google_gid=CAESEFdRLy1PsUHQyohjGGDyLf0&google_cver=1&google_ula=450542624,0

Request Chain 134

https://ids.ad.gt/api/v1/g_hosted?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTFmZTE0MDYtNGVjOC00YzhjLWEyODktMWY3OTA0M2Q2ZjE3

Request Chain 135

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=20ed61ae-cba3-4900-bb52-7cc570c2c565&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17

Request Chain 136

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17%26unruly_id%3D%5BRX_UUID%5D&cb=1638845347894 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17%26unruly_id%3DRX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&unruly_id=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003

Request Chain 163

https://sync.spotim.market/csync?redir=https://visitor.omnitagjs.com/visitor/bsync?uid={uid}&name=PrebidServer&gdpr_consent_string={gdpr_consent}&gdpr={gdpr}&us_privacy={us_privacy} HTTP 302
https://visitor.omnitagjs.com/visitor/bsync?uid=a2f4646f0e2874d3

Request Chain 165

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 166

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4946990725677477747

Request Chain 170

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455419715221554

Request Chain 171

https://prebidtest.zemanta.com/usersync/prebidtest?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D%24%7BUID%7D HTTP 302
https://sync.spotim.market/csync?t=a&ep=509691&extuid=${UID}&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}

Request Chain 172

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=1f8476eb-12db-48e8-8a7b-70f627cd680e&google_hm=MWY4NDc2ZWItMTJkYi00OGU4LThhN2ItNzBmNjI3Y2Q2ODBl HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPtkqLPng8vOthjvz1K9BMo&google_cver=1&ssp=sonobi&bsw_param=1f8476eb-12db-48e8-8a7b-70f627cd680e HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1f8476eb-12db-48e8-8a7b-70f627cd680e

Request Chain 173

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=20ed61ae-cba3-4900-bb52-7cc570c2c565

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mzg0MzljZmUtNzNjZC00Zjg5LTkwMWEtNDJmZDRiOWFiMTQx HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXTHna6n5ZGaNHJf2bSNXU&google_cver=1

Request Chain 175

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
https://sync.spotim.market/csync?t=a&ep=323551&extuid=4d4d8792758de91c53e79d87

Request Chain 176

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=38439cfe-73cd-4f89-901a-42fd4b9ab141&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N3NaNUJZblRpdlo3bFpPMElDSmw4UQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFwaXDwenFOJUNshwEyo-Ws&google_cver=1

Request Chain 177

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent

Request Chain 179

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=15a74ec6ff&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=85f4d67c-3ab3-450c-b420-539570656946&pubid=15a74ec6ff

Request Chain 180

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20ed61ae-cba3-4900-bb52-7cc570c2c565

Request Chain 181

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=OCIscG1xLCMjJikgOnVgdmsjdHQjI3gtPSM_r3Bd

Request Chain 182

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8231746660794167020

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYl2A3JtYRHrzUxYVlZX7I&google_cver=1

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELrjo6oLE41z6WtsE1UjNOg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 189

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA1NTU4OTU2MTk0MjU5MDk3MjI%3D

Request Chain 191

https://pr-bh.ybp.yahoo.com/sync/triplelift/10555895619425909722?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5PiWpWZE2oQrC_M_mMu0m2Cn6KzPlU4pphFr2idSOg--~A&dongle=0883

Request Chain 194

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10555895619425909722 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10555895619425909722&dcc=t

Request Chain 195

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 196

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=7541914379559443183&dongle=d407

Request Chain 197

https://c1.adform.net/serving/cookie/match?party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE

Request Chain 198

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4815254603872434894

Request Chain 200

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038787181459601555

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Ya7LpgAKBVP5vgAz HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya7LpgAKBVP5vgAz&gdpr=0&gdpr_consent=&_test=Ya7LpgAKBVP5vgAz

Request Chain 202

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFyVmdVN0RYWmNBQUgyc2pIc0RGUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AArVgU7DXZcAAH2sjHsDFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 203

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8231100746 HTTP 302
https://sync.1rx.io/usersync/tradedesk/85f4d67c-3ab3-450c-b420-539570656946 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003

Request Chain 204

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 205

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X21iblsnQN18-TWJYWmbZcEbDhg

Request Chain 206

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3NHaNOmpjkOoVSql0xQMX8Jp

Request Chain 210

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=23284b73-ea0c-4930-986b-5e58c1bc909b-tuct8a85126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Js_F9vwmRfWBrcw-v3sI_g%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 213

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=20ed61ae-cba3-4900-bb52-7cc570c2c565

Request Chain 214

https://pixel.onaudience.com/?partner=214&mapped=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=2d801dbde08aa8e01942fe6cba78b9b0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=efa6c9c55b2df06f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8&reqId=a8e4d257-4f93-44e8-6bb7-0f3a240e135f&zcluid=efa6c9c55b2df06f&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMYD8fQSJP4EDvnOYwOiJWQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8&reqId=a8e4d257-4f93-44e8-6bb7-0f3a240e135f&zcluid=efa6c9c55b2df06f&zdid=1332

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZDRkM1RjYtRkMyNi00NUY1LTgxQUQtQ0MzRUJGN0IwOEZF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7VVhxhvUk-mIY1Hcmpvyw&google_cver=1

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&gdpr=0&gdpr_consent=

Request Chain 219

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=85f4d67c-3ab3-450c-b420-539570656946

Request Chain 220

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3820115528378156269

Request Chain 221

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4946990725677477747&gdpr=0&gdpr_consent=

Request Chain 222

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm

Request Chain 223

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5NIitN5E2uXj3DYhtlQ1hzSzOHUTZNU-~A&gdpr=0&gdpr_consent=

Request Chain 225

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1f8476eb-12db-48e8-8a7b-70f627cd680e&ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 226

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7974259943787010799&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 228

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 229

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ef653911-274c-4af5-8b07-b5b8dfca5dde&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 230

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4946990725677477747

235 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/ 271 KB
45 KB 68ms
12ms Document
text/html 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx / WP Engine
Resource Hash: 5f6f0b1a73b3923455ddd8d7fe81135732102ea9b0b2489252071dc8acba2708

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=UTF-8
link: <https://www.postfun.com/wp-json/>; rel="https://api.w.org/" <https://www.postfun.com/wp-json/wp/v2/posts/61254>; rel="alternate"; type="application/json" <https://www.postfun.com/?p=61254>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: bot
x-cache-group: bot
access-control-allow-origin: *
content-encoding: gzip
content-length: 45172
cache-control: must-revalidate, max-age=3600
expires: Tue, 07 Dec 2021 03:49:05 GMT
date: Tue, 07 Dec 2021 02:49:05 GMT
vary: Accept-Encoding

GET
H2 200 endpoint.php Show response
www.postfun.com/wp-content/plugins/wp-ajax/ 197 KB
20 KB 16ms
16ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.postfun.com/wp-content/plugins/wp-ajax/endpoint.php?action=hive_page_config&site=13

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-81-94.deploy.static.akamaitechnologies.com

Software

nginx / WP Engine

Resource Hash

afb3501c74391644e2029381ab1df63c381d66334e33d74f5c7859236768604f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cache-group: normal
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: SHORT
server: nginx
x-powered-by: WP Engine
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=3600
date: Tue, 07 Dec 2021 02:49:05 GMT
x-robots-tag: noindex
content-length: 20327
expires: Tue, 07 Dec 2021 03:49:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 65ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

98853c314da19dd937694bcabe140f6549fe2bd27e641bcfbb534a9c804ff487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 731 of 1000 / last-modified: 1638832296"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27070
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 02:49:05 GMT

GET
H2 200 extended_intermediate_header.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/ 314 KB
97 KB 10ms
9ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fd0b79a723b6dbed0292bd8c0cb7c57ee81100a3f2f7b5c606210b85f8e5a567

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 22:50:06 GMT
server: nginx
etag: W/"61a6aa9e-4e87f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 98656
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 style.css
www.postfun.com/wp-content/themes/hive-master/ 71 KB
12 KB 10ms
9ms Stylesheet
text/css 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 75ad566950298a23b6ce73ed61b4597ae66a72daf102daa806efd58c18fa7c3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:05:54 GMT
server: nginx
etag: W/"607720f2-11dba"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 12289
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 style.css
www.postfun.com/wp-content/themes/postfun/ 46 KB
9 KB 11ms
10ms Stylesheet
text/css 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/postfun/style.css?ver=1637623479
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b209eb175909bbe172d0e6f9762eabcf99f07ecab1ecc7da56ae44e25a650ce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 23:24:39 GMT
server: nginx
etag: W/"619c26b7-b613"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 8966
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 294 KB
54 KB 57ms
11ms Script
application/javascript 18.66.248.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-14.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 084f6476011a1c250d41279bc05a27a78c804a91bd11610eb2be4bb1b5a73c18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:38:29 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 17:42:51 GMT
server: AmazonS3
age: 637
etag: W/"b8d3311981745fbeb105aa6ddc40aa96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: OltCb8f9k3DIcYakUU0m3K00jykbI4eRf821s9QUtBQxV731tlBy9A==

GET
H2 200 id.js Show response
cdn.taboola.com/webpush/ 1 KB
928 B 28ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/id.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b985af57dc59fdf0a9743d410836168fdbceaa641b51d4e427f9edff6cc62625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 5AeHNYhajGCudi_TrYZ80Y0gwu0a6ryl
content-encoding: gzip
etag: "94b1f08de63835708c45d9c61d268b29"
age: 12934
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 489
x-amz-id-2: ObkPt3qtG9WgCLn0LZ25N6Fh+UAou7TbzUsU3ZkFxx8tSOhVgzoGLtE5WD9Okh8gZzTUHBkceOI=
x-served-by: cache-hhn4077-HHN
last-modified: Thu, 03 Jun 2021 07:06:05 GMT
server: AmazonS3
x-timer: S1638845346.921707,VS0,VE0
date: Tue, 07 Dec 2021 02:49:05 GMT
vary: Accept-Encoding
x-amz-request-id: C4YN7QSN0AK2380N
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 98
x-cache-hits: 29

GET
H2 200 prebid.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/ 364 KB
115 KB 10ms
10ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 384030f05a2241cb62e91acb3eb557b1dc64bccb7a1bf43011ef572b19b5c4d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 19:23:35 GMT
server: nginx
etag: W/"61ae6337-5b1ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 116898
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 footer.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/ 223 KB
64 KB 21ms
20ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/footer.js?ver=1638312606
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de2b4eba3c242546aae7f2ff97cd39bcb010dcf1847ec4bec38876d29e838b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 22:50:06 GMT
server: nginx
etag: W/"61a6aa9e-37a7e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 65110
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 footer.js Show response
www.postfun.com/wp-content/themes/hive-master/assets/js/ 6 KB
2 KB 21ms
20ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/js/footer.js?ver=1635964025
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8352a0484081022114518db98c4f7bd828fff01a3bba53b1e9fe55e31602413e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 18:27:05 GMT
server: nginx
etag: W/"6182d479-181a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 2085
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 wp-embed.min.js Show response
www.postfun.com/wp-includes/js/ 1 KB
964 B 8ms
8ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 765
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 offscreen-bg.jpg
www.postfun.com/wp-content/themes/postfun/assets/images/ 50 KB
50 KB 20ms
20ms Image
image/jpeg 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/themes/postfun/assets/images/offscreen-bg.jpg
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/postfun/style.css?ver=1637623479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 41e365250a82e0e0ee15c8661ca0efb65228a061f31c8ae3884127d0efa0d369

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/wp-content/themes/postfun/style.css?ver=1637623479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
last-modified: Thu, 21 Feb 2019 19:26:16 GMT
server: nginx
etag: "5c6efb58-c667"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50791
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 icomoon.ttf
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 3 KB
3 KB 20ms
19ms Font
application/octet-stream 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/icomoon.ttf?fo61nq
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8ee0d666b3091eb93def38dd12b8f2a7009d640e6b0cf389cc35a2c4a425b09

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
last-modified: Tue, 29 Sep 2020 18:21:32 GMT
server: nginx
etag: "5f737b2c-c58"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3160
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 OpenSans-Regular.woff
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 20 KB
20 KB 21ms
21ms Font
font/woff 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/OpenSans-Regular.woff
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:05 GMT
last-modified: Wed, 25 Jul 2018 20:20:05 GMT
server: nginx
etag: "5b58db75-50d8"
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20696
expires: Wed, 07 Dec 2022 02:49:05 GMT

GET
H2 200 OpenSans-ExtraBold.woff
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 21 KB
21 KB 13ms
13ms Font
font/woff 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/OpenSans-ExtraBold.woff
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bb6d1fca9040272fd9341da48df6827bbea229b08574eadc105dc55fb5c2fc9f

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
last-modified: Wed, 25 Jul 2018 20:20:05 GMT
server: nginx
etag: "5b58db75-5420"
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21536
expires: Wed, 07 Dec 2022 02:49:06 GMT

GET
H2 200 OpenSans-SemiBold.woff
www.postfun.com/wp-content/themes/hive-master/assets/fonts/ 20 KB
21 KB 9ms
9ms Font
font/woff 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/themes/hive-master/assets/fonts/OpenSans-SemiBold.woff
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c32b66dae6aaac220d224bd147ce2e70a205a34bc53b62ca4f9eb0d7754ccfa4

Request headers

Referer: https://www.postfun.com/wp-content/themes/hive-master/style.css?ver=1618419954
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
last-modified: Wed, 25 Jul 2018 20:20:05 GMT
server: nginx
etag: "5b58db75-513c"
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20796
expires: Wed, 07 Dec 2022 02:49:06 GMT

GET
H2 200 postfun-logo-55299.svg
www.postfun.com/wp-content/uploads/sites/13/2019/02/ 4 KB
2 KB 9ms
8ms Image
image/svg+xml 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/uploads/sites/13/2019/02/postfun-logo-55299.svg
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7f59166cede1b29d613c38e7da6dcd9227fdb898893f6508356e2ca5ad7b7293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 07:21:58 GMT
server: nginx
etag: W/"f6c28497d484ff937b91169cc3600909"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1949
expires: Wed, 07 Dec 2022 02:49:06 GMT

GET
H2 200 mark-blount-35978.jpg
www.postfun.com/wp-content/uploads/2019/05/ 156 KB
157 KB 336ms
336ms Image
image/jpeg 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/wp-content/uploads/2019/05/mark-blount-35978.jpg
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 732be07cfd0af57869ce60bc525acf0b5dbd06a47345945b41f551bcac33a432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 07 Dec 2021 02:49:06 GMT
last-modified: Sun, 16 Jun 2019 09:23:08 GMT
server: nginx
etag: "365c5c37b380b0bba1f069e38f3625d3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160228
expires: Wed, 07 Dec 2022 02:49:06 GMT

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
117 KB 17ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 02:49:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 152 B
127 B 33ms
18ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.postfun.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9537144bb39250368e21895ffb3a0e5c0f976a68b191729a73f247bb0608f2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/sDavpVA1K-z6d/www.postfun.com/ 4 KB
2 KB 442ms
413ms Script
application/javascript 2600:9000:211e:1c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/sDavpVA1K-z6d/www.postfun.com/choice.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02355aa57f07068f48ce739f70f73bd9264ed16f066e946b3eca256d814356ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 07 Dec 2021 02:49:07 GMT
content-encoding: br
last-modified: Thu, 28 Oct 2021 18:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"246ffc83ebd2b675d67afff3f1845e85"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wz_Nb3ZTkm61rQheS3Ft_SBV0Rn73HtZhO-jNyBBxcDba0IbsirDWg==

POST
H2 200 hive_hash Show response
www.postfun.com/events2/topic/ 0
177 B 690ms
690ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_hash
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 hive_loaded Show response
www.postfun.com/events2/topic/ 0
177 B 668ms
668ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_loaded
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 hive_session Show response
www.postfun.com/events2/topic/ 0
177 B 679ms
679ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_session
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 hive_location Show response
www.postfun.com/events2/topic/ 0
177 B 677ms
677ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_location
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 carb_init Show response
www.postfun.com/events2/topic/ 0
177 B 680ms
680ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_init
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 34ms
8ms Script
application/javascript 13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 05:06:17 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 153705
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: z1Nhf_tXVvJpT5DIjoSgGOV79FJVg_pK2_6i8TmbJPX7lrHZmeCsjQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 40ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 14 Dec 2021 02:49:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4443
date: Tue, 07 Dec 2021 01:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 03:35:03 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 672ms
672ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

GET
H2 200 spacer.gif
www.postfun.com/images/ 807 B
982 B 8ms
8ms Image
image/gif 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.postfun.com/images/spacer.gif?abk=1&adnet=1
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
last-modified: Tue, 17 Jul 2018 22:56:00 GMT
server: nginx
etag: "5b4e7400-327"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 807
expires: Wed, 07 Dec 2022 02:49:06 GMT

GET
H2 200 bddc-min.js Show response
www.postfun.com/wp-content/plugins/outrigger/scripts/legacy/misc/ 79 KB
29 KB 10ms
9ms Script
application/javascript 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/legacy/misc/bddc-min.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5d8d13c958e7f08ce7c2be4315fe352515b00c28047ff52c5205199a9a37581e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 22:48:42 GMT
server: nginx
etag: W/"5ed585ca-13dca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 29056
expires: Wed, 07 Dec 2022 02:49:06 GMT

POST
H2 200 hive_dfp Show response
www.postfun.com/events2/topic/ 0
177 B 700ms
699ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_dfp
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 50ms
10ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 083A47M8D7XG5QPQ4C34
etag: 1e39d25f07f5619925357b752ab10d04
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Tue, 07 Dec 2021 02:49:06 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: csF9C8_X_laOqUFoMLnZCqanD1k8yAnW44HWbR_Z3tWVtd_aTSgjfw==

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 662ms
662ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 pbjs_auction_init Show response
www.postfun.com/events2/topic/ 0
177 B 686ms
685ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/pbjs_auction_init
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 675ms
674ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
742 B 127ms
72ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.27.0
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 71579509feaec66395bc8bed449847a80a8eeeb006aa59d93fb2dbd44bbcb3fb

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Dec 2021 02:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.postfun.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 arj Show response
hive-d.openx.net/w/1.0/ 30 KB
9 KB 345ms
309ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hive-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dc221122-dc18-4a94-a868-2e147b26b731%2Cba59171e-48ad-45a7-bf76-a7716e3026a1%2Cb4d60638-391a-4ef7-9322-e047f1917dcb%2Caa4ad79b-a557-4321-abf4-8bfd83d3e792%2Ccf2bfb52-747e-43ae-96f5-c194876ad2d5%2C8120dc3f-a498-4b81-8ca6-c9d0669e1415&nocache=1638845346233&gdpr=0&pubcid=b4eddd14-8c22-4f34-8853-a34d9c1cb30c&aus=728x90%7C728x90%7C300x250%2C300x600%2C160x600%7C300x250%2C300x600%2C160x600%7C300x250%2C300x600%2C160x600%7C160x600&divIds=primary-over-next%2Cprimary-under-title%2Csecondary-P1%2Csecondary-P3%2Csecondary-P5%2Clefternary-P1&auid=540151321%2C540151325%2C540151331%2C540151365%2C540151335%2C540151316
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 1a2401c0f0f0989b66fea7819705936c7409ab0686efdc90c47f90584af8c63d

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.postfun.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9013
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 103ms
48ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F21287525%2Fpu_desktop-primary-over-next%7C250fb011d45b8e2%22%3A%22728x90%22%2C%22%2F21287525%2Fpu_desktop-primary-under-title%7C26751c138de9dd7%22%3A%22728x90%22%2C%22%2F21287525%2Fpu_desktop-secondary-P1%7C2742fbd070afdec%22%3A%22300x250%2C300x600%2C160x600%22%2C%22%2F21287525%2Fpu_desktop-secondary-P1_flex%7C2811c9e44c5c78a%22%3A%22300x250%2C300x600%2C160x600%22%2C%22%2F21287525%2Fpu_desktop-secondary-P3%7C296ed75a7bca8fb%22%3A%22300x250%2C300x600%2C160x600%22%2C%22%2F21287525%2Fpu_desktop-secondary-P3_flex%7C30a16b79bcebf03%22%3A%22300x250%2C300x600%2C160x600%22%2C%22%2F21287525%2Fpu_desktop-left-p1%7C31850fd89567394%22%3A%22300x250%2C300x600%2C160x600%22%2C%22%2F21287525%2Fpu_desktop-secondary-P5%7C323f76a23624221%22%3A%22300x250%2C300x600%2C160x600%22%2C%22%2F21287525%2Fpu_desktop-quaternary-P1%7C33be24075ce9b68%22%3A%22160x600%22%2C%22%2F21287525%2Fpu_desktop-left-p1%7C34d0d3f617ba978%22%3A%22160x600%22%7D&ref=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&s=9000fc88-97ce-4a45-8d9f-cbd77b38ce01&pv=51575eda-a153-4300-9f7d-4f3615c53a3d&vp=desktop&lib_name=prebid&lib_v=4.27.0&us=0&ius=1&gdpr=false

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

5867c4e1ca42a3ae09b2f294bda3d6d8493d9dd2d1560ae7289ca58b6bb13e4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:06 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.postfun.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 760
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
393 B 330ms
99ms XHR
application/json 34.197.208.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_gdpr_consent=undefined&ntv_ptd=1127033,1127132,1127035,1127036&ntv_pb_rid=35dcc7a96460dec&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoicHJpbWFyeS1vdmVyLW5leHQiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s3MjgsOTBdXX19fSx7ImFkVW5pdENvZGUiOiJzZWNvbmRhcnktUDEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF0sWzE2MCw2MDBdXX19fSx7ImFkVW5pdENvZGUiOiJzZWNvbmRhcnktUDMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF0sWzE2MCw2MDBdXX19fSx7ImFkVW5pdENvZGUiOiJzZWNvbmRhcnktUDUiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF0sWzE2MCw2MDBdXX19fV19&ntv_url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.208.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-208-127.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.postfun.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 200
OK auction Show response
ghb.spotim.market/v2/ 11 KB
1 KB 1027ms
919ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.spotim.market/v2/auction
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 690d7ec1b7cadb8c57efcc5ca4d8062e2826ad74304a2cf1c8210821866f7571

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Dec 2021 02:49:06 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.postfun.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 1130

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 99 KB
15 KB 227ms
193ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7a2b44d696ca571e00b0db7d7a110984b48af49a176bd95ddddae23cdfe1ca65

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Dec 2021 02:49:06 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 268cc6c8-3a35-4fde-96de-9680da33c15d
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.postfun.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
330 B 189ms
160ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=268079&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2256a3f19d948c841%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%224.27.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2257d0633017d979f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268079%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258f5d8d30c948ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268083%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225957dc6ee4cf3e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268089%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260fe3006b869d48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268089%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2261823b6c57aea18%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268089%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2262c2edb17dcdcb6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268092%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226361d4a24204be6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268092%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2264fb7182b091801%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268092%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22653d36e54f2711a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268094%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2266f90be47e99c15%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268094%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22671cda33b1cea14%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268094%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22685e4a9b77367ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268084%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22696721524b63b7a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268074%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ea3b8c6d48b3b39628750c41d1dbb2dfafdd65fbf1c12e1a7fa79126702bda72

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.24], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.postfun.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Tue, 07 Dec 2021 02:49:06 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
264 B 522ms
497ms XHR
application/json 52.28.162.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.27.0&referrer=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&tmax=3000&gdpr=false

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.162.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-162-206.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 26 KB
2 KB 10ms
9ms Stylesheet
text/css 18.66.248.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-14.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 17:46:32 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 15:59:32 GMT
server: AmazonS3
age: 32555
etag: W/"f78fe2b0b79df0619d393cfc42450ddf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: q2VwncssqflanGbPqK4G_Itrq4QRl3HcVtK4iEY44toZQB0fb9qz7Q==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 22ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 02:57:01 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 8ms
7ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3475&u=https%3A%2F%2Fwww.postfun.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:25:45 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server: Server
age: 12201
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: lfhL3sW_WW6IAAVKl5ZHH6I9H2RkRsb_5IR1xX9RgcbNzes2ANr64A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
8ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 86240
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 02:51:47 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: wFWuadZbhdSWn5mpISrc-QuBmXeCyRgSeP_ZlUDqjdniT8e-kQbK5Q==

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 40ms
7ms Fetch 18.197.121.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.121.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-121-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 02:49:06 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 32ms
7ms Fetch 18.197.121.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=JevblhQ9s30chxqS2hYVk68UDa3qtHajpMUG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.121.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-121-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 02:49:06 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1472210078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&ul=en-us&de=UTF-8&dt=These%20NBA%20Players%20Are%20Working%209-5%20Jobs%20Since%20Retiring%20-%20Post%20Fun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAAC~&jid=1549359512&gjid=1275442257&cid=557766180.1638845346&uid=1c9a7f65-b410-42e3-ada7-65b134ade33f&tid=UA-68286463-2&_gid=964288077.1638845346&_r=1&_slc=1&cd1=tb_other_14664189-tb_d_3056256962_530-030128&cd2=530-030128&cd3=&cd4=1&cd5=&cd6=61254&cd7=&cd8=rlk&cd9=197405&cd10=alyssamihalik&cd11=&z=1168651390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68286463-2&cid=557766180.1638845346&jid=1549359512&uid=1c9a7f65-b410-42e3-ada7-65b134ade33f&gjid=1275442257&_gid=964288077.1638845346&_u=aGBAAEIgAAAAAC~&z=846145860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 02:49:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.postfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
532 B 45ms
45ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3475&u=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&pid=3gGjc90NSPmoZ&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22primary-over-next%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-primary-over-next%22%7D%2C%7B%22sd%22%3A%22primary-under-title%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-primary-under-title%22%7D%2C%7B%22sd%22%3A%22secondary-P1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-secondary-P1_flex%22%7D%2C%7B%22sd%22%3A%22secondary-P3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-secondary-P3_flex%22%7D%2C%7B%22sd%22%3A%22secondary-P5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-secondary-P5%22%7D%2C%7B%22sd%22%3A%22quaternary-P1%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-quaternary-P1%22%7D%2C%7B%22sd%22%3A%22lefternary-P1%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21287525%2Fpu_desktop-left-p1%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: AB3RQER0X0WA2P2Y65Q0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 9B80JeTCF5L9dn37HK-xP9zCqVA2MhWuyb3UIy6uxJwQFcHbDuBeng==

POST
H2 200 hive_ga_session Show response
www.postfun.com/events2/topic/ 0
177 B 677ms
677ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_ga_session
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 rules-p-sDavpVA1K-z6d.js Show response
rules.quantcount.com/ 2 B
356 B 58ms
10ms Script
application/javascript 2600:9000:2315:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-sDavpVA1K-z6d.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:55:14 GMT
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
server: AmazonS3
age: 3231
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P2
content-length: 2
x-amz-cf-id: Bg3zkE1_ZTkn1AsMQpuR7375dL7ZkZCTR4IYyrfh3Oh3WTOh9Jpdwg==

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
44 KB 9ms
9ms Script
text/javascript 2600:9000:211e:1c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.postfun.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/sDavpVA1K-z6d/www.postfun.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b850fd9301b5a95c9c7ead67c57622e1a06680f69bf8d2f5ce57983011da3b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:06 GMT
content-encoding: br
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 17:39:32 GMT
server: AmazonS3
etag: W/"0a70fce71435f53991adb4bbecc5d2cf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-id: ifFRja86B4Jt0Qh8gDExuw5rOAyYUTob74JjgGhzTq_tfgkOMXEuEg==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 51ms
6ms XHR
application/json 2600:9000:211e:8c00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.postfun.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8c00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72974cf5c2f0384df6f0b6810376dee8106ab9bb157d8a3c441c6ba418c904da

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 03:00:36 GMT
content-encoding: br
age: 85711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Sun, 05 Dec 2021 19:52:29 GMT
server: AmazonS3
etag: W/"8e6c34e38aca6825175859c7dd582794"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: qahrklIGWhNop1jsfuctewiwkcaAhdcE
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
content-type: application/json
x-amz-cf-id: Y5sdP_KicbcEmBjFdns9u71rP1qn_2TqKNyaHUZIctKZHWQBChFVgg==

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 514ms
514ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 523ms
523ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 501ms
501ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 522ms
522ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 508ms
508ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 521ms
520ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 502ms
502ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 525ms
525ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 509ms
509ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 517ms
517ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/36/ 224 KB
58 KB 8ms
8ms Script
text/javascript 2600:9000:211e:1c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/36/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.postfun.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d261bc09d55ca6390f043aa5a196a8c4d49d38bb48792e007e539a9b67a86bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 15:31:07 GMT
content-encoding: gzip
age: 127080
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 17:39:16 GMT
server: AmazonS3
etag: W/"e9e236ee73ca8337502cca2d209ee395"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: HBfF_O7pwLkMxHp8bOG2Z9DQCimTjcUzylqMQ8Cwy26UD8Gn8VidOA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 278 KB
33 KB 25ms
8ms XHR
application/json 2600:9000:211e:1c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.postfun.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a21d440ddb36b335b7c29c1356276d61c86d5c5f2f42c1c349fbe285008776b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 03:00:36 GMT
content-encoding: br
age: 85711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 03:00:32 GMT
server: AmazonS3
etag: W/"0f2bde1e7bc4e473fc1ffbcbe672ac05"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: etAe7hPycANvthULmPj9ZELmZuGl6-yv4uN5fgiF6uG4XZ3Lk5Hwlw==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 30ms
14ms XHR
application/json 2600:9000:211e:1c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.postfun.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9aaa0167f4abb8eb86f2182c46287c6bddc68d7538f0bfa9e71287db2c700a60

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 03:01:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 85656
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 03:01:28 GMT
server: AmazonS3
etag: W/"9ab4b5bb20a76f8a622d53bc30f59776"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: P_K5yyg_7LtfjqhSKpA9CBrjD8zIvN1HaqGExYIpicYqaawnhWKMiw==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
506 B 54ms
7ms XHR
text/html 13.35.253.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22sDavpVA1K-z6d%22%2C%22domain%22%3A%22www.postfun.com%22%2C%22publisher%22%3A%22Postfun%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.36%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22H%2BWOMznn4jUzY7KMOI0JXA%22%2C%22clientTimestamp%22%3A1638845346648%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-sivxgp64syqdncbhgvzb%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/36/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-10.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:45:31 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 29311
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: zwmMA5ysPfQJKkgszC9gSiV6AVZ7CjZSc8a9MMjlDMaCmZwGDNLJCA==

GET
H/1.1 200
OK postfun-logo-color.png
hivemedia-images.s3.us-east-1.amazonaws.com/logo/ 8 KB
8 KB 448ms
128ms Image
image/png 52.217.85.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hivemedia-images.s3.us-east-1.amazonaws.com/logo/postfun-logo-color.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3d022bdc2470de1ee83e2693341ae618f6fc08a90edbe3290e5c870faeefec4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 02:49:08 GMT
Last-Modified: Wed, 27 Oct 2021 21:30:54 GMT
Server: AmazonS3
x-amz-request-id: 2T9Q08966C79RFGS
ETag: "cbd52eb89658ab01520e047cd389230d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8130
x-amz-id-2: QPb/QzwKwyJnoQOiBuViq3nNRL3w0Sk7+za2SxHeQ1gpkoP/HDA76j/9HJdoqUNJ5waV4SfvnNI=

POST
H2 200 hive_benchmark Show response
www.postfun.com/events2/topic/ 0
177 B 181ms
180ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_benchmark
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 179ms
179ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 178ms
178ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 180ms
179ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 177ms
177ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3112fccfa0c39fb02ce507b3f6ce23b9a465f852a49a32f8c664a802e1444688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WOIvvXAcLHMs0nkJC901JA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: +ODJ6sbXoJvYnzPghqoNcCpx5KDX/YqhnSQfZyniwsQXO6CNUBioyvVGcpARYtK20/RS+60zc+w9SkUUprZutg==
x-fb-trip-id: 917726464
x-fb-content-md5: eab900ad191010ad435ef29608992700
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2538f2a923ef1b30dbd8572289212fad"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 07 Dec 2021 03:01:08 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 178ms
178ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 180ms
180ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 177ms
177ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/footer.js?ver=1638312606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: CkzaLcyMJW/a7NH4iW8lIyOQ8FVjyTeNN1nmcl5+V0X1Q7r5YDxeuIpARlecyMbnqKb68pNvubLZhWUgJoVWyQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 173ms
172ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 173ms
173ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 175ms
175ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 178ms
177ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 176ms
176ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 190ms
189ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 174ms
174ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.hmstats.com/2/486951/ 6 KB
3 KB 183ms
29ms Script
text/javascript 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c1=14664189-tb&c2=tb&c3=msn-msn-home-tb&de=2&gt=DE&dm=1600x1200

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c507ad3b9d297645f447934d8eb6e29712a6fc759daab791de19be72af08ed6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:07 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2792
Expires: 0

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 178ms
177ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 176ms
176ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 354 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 536ms
186ms Script
application/javascript 44.238.136.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/354?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&ref=
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.136.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-136-108.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: d74430c6c02b1f752d521694f0e346b93b9eddd6cf39f53015abe27fbecf301f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
server: nginx/1.18.0
content-length: 3379
content-type: application/javascript

POST
H2 200 carb_placement Show response
www.postfun.com/events2/topic/ 0
177 B 175ms
174ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/carb_placement
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 174ms
174ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 175ms
174ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 173ms
173ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H2 200 hive_fb_pixel Show response
www.postfun.com/events2/topic/ 0
177 B 508ms
507ms XHR
text/plain 104.92.81.94
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.postfun.com/events2/topic/hive_fb_pixel
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/extended_intermediate_header.js?ver=1638312606
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.81.94 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-94.deploy.static.akamaitechnologies.com
Software: akka-http/10.0.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/basketball/these-nba-players-are-working-9-5-jobs-since-retiring/?utm_source=tb&utm_medium=msn-msn-home-tb&utm_content=3056256962&utm_campaign=14664189-tb&utm_cpc=-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ=&tblci=GiD6x_f6YEJcfZSyDZ&chrome=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: akka-http/10.0.3
access-control-allow-origin: https://www.postfun.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 286 KB
81 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=34c7acae0335f6af8dadd205bade9d25

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4dc13dc644c41fff30da814b78b35bd07d270a01e3fcbf58fbe484b94ea975b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.postfun.com/
Origin: https://www.postfun.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TY9cQ49hcInDfcevUk3ebA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82786
x-fb-rlafr: 0
x-fb-debug: pKTNZyVdx1T4MoAViKYf5YRJaqCg7TicoIvgMl5c4IIwjVVp4FYmyExpDRNNrTQiUVzu1xE90aXmgOfCU9VKXA==
x-fb-content-md5: 82c8bcb16751086b8d677d37dab14494
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "97b2a989c6a72a5e989659d47a1814fc"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 07 Dec 2022 01:18:48 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: lkrOtCR8T6R8GKDd9aQDIg1b32nn+koAozfBt7wnYcqzGeftzfE56JcflQ2sRopBSjXwd676Qs1mLrgYJDQ51A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 353329068859326 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 78ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/353329068859326?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9bbac6ecbcbd46820ae9165f18bb5ad8e58a243850e838d0680bb50e0b7b229

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: dT1WI/6pgTkTioOispGYTblD0MIdjM1qcG7jrs0KJBUEtyWGmHWimLH5WDKVj439dbVQ7XkbYQdqc6UY1k5oIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 1CA6
Redirect Chain

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9d8b219d7e198%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

102ms
92ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9d8b219d7e198%2526domain%253Dwww.postfun.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.postfun.com%25252Ff6aab08844b7c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPostFun%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=34c7acae0335f6af8dadd205bade9d25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Wg7qY0rgQ1HuDqV3pTM9JODx6m3auORhr3HU+wZ++Q9oZUw6qaUC3b7/VgHIKA7JZKfZmB2mzY37h0wQghZQvw==
date: Tue, 07 Dec 2021 02:49:07 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9d8b219d7e198%2526domain%253Dwww.postfun.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.postfun.com%25252Ff6aab08844b7c%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252FPostFun%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 1eS4wFNbA4ENjvG/UeNkMw1J48aBYUrS7yEDUW+qhc5q+SDSAqO0vx5jcgGkA5fWztdi+grEj+Mc5HyWW5rj9Q==
content-length: 0
date: Tue, 07 Dec 2021 02:49:07 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 756416304915569 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/756416304915569?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89082227eb43e2295815f3f62d29cdc5f806cfef98416d0b88539131f79b5af5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: gMcWNRz0pz+po59cjqU1JBqf4PYdLtS28N0w8IeMepX6qtrsSmMdbC618+OqGtwpfxkKevPi3YbdFbbfdj8kwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
340 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347471&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=5a5b78fb-caf9-45c9-9584-bf14d10b5151_1638845347298&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347473&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=587aad34-97c2-43d7-8239-2d5594a24477_1638845347299&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347475&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=b48b90fb-6a9b-44d3-881c-bad4f4c328cf_1638845347302&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 125ms
31ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?oz_pl=1&dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&_x=1
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c1=14664189-tb&c2=tb&c3=msn-msn-home-tb&de=2&gt=DE&dm=1600x1200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.hmstats.com/2/2.42.0/ 154 KB
48 KB 29ms
29ms Script
text/javascript 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.hmstats.com/2/2.42.0/main.js

Requested by

Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c1=14664189-tb&c2=tb&c3=msn-msn-home-tb&de=2&gt=DE&dm=1600x1200

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

537af3e7035e7f334c4414cf45d25f378f279843c35eeb375675639f24202ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 02:49:07 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48512
Expires: Thu, 14 Aug 2053 21:30:25 GMT

GET
H3 200 142192547407081 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/142192547407081?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf5926114e876f2c89a01dff181af963f57e14fe1df703045d8c024400466007

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qC1oAc9cKKocmRRnOPGtHARdttiRFVqD66XOiXPS090FiqmrvavxSj4Ud2b3aLeIvvvnw0y6O1bYardtR8BOKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347560&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=8994dcba-2fbd-4aae-b5a6-c793b1580956_1638845347304&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347560&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=755a0186-decc-4489-9e38-48d7c2ddd552_1638845347305&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347561&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=755a0186-decc-4489-9e38-48d7c2ddd552_1638845347305&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 30ms
30ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?oz_pl=1&dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&_x=1
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/486951/analytics.js?dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c1=14664189-tb&c2=tb&c3=msn-msn-home-tb&de=2&gt=DE&dm=1600x1200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 51ms
30ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845347617&oz_l=370&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 507904799972713 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/507904799972713?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2234e62f9f4f714bd6e6fc3e8b65aaeac70fa57b670274528e472c3f2dd35dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 7sKyb+ZF64z0HDkCj2S4ARW18FgEck7YcFF3zx3wMB3VygmV0EYfLnLDx5HoNly01aUihnzlBoV3DYqPXsZH2g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142192547407081&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347680&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=498228e7-6bc6-4a9d-8202-3c370e7260e8_1638845347307&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347681&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=f3a04058-668b-494d-b42a-1081c494fd06_1638845347308&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347682&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=f3a04058-668b-494d-b42a-1081c494fd06_1638845347308&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142192547407081&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347683&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=f3a04058-668b-494d-b42a-1081c494fd06_1638845347308&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
BLOB 200
OK fb019e54-4d5b-4e62-830b-6b4f4f0489e5
https://www.postfun.com/ Frame 5769 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.postfun.com/fb019e54-4d5b-4e62-830b-6b4f4f0489e5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H3 200 252336382657754 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/252336382657754?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

869234019eb34d15b2dbb218719491fefae65f17cf1103eb6355da24783f6dc7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: WtxQWcjc8j0WlzUzZ+5A+CKBM8bS4NVqA6hpwt3wX/hPYeyaK4YN0t+kQyjlQfX2AjAUeifkR/iNjytiA3W7lQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507904799972713&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347764&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=59efa5b7-4bb1-4cd8-86c9-4bca29d431dc_1638845347311&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=353329068859326&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347764&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=5&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=bb458e57-c93b-4225-a569-1951c877ee86_1638845347312&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756416304915569&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347765&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=bb458e57-c93b-4225-a569-1951c877ee86_1638845347312&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 73ms
72ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142192547407081&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347765&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=bb458e57-c93b-4225-a569-1951c877ee86_1638845347312&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507904799972713&ev=PageValue&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347766&cd[currency]=USD&cd[page]=1&cd[value]=0&cd[total_value]=0&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=bb458e57-c93b-4225-a569-1951c877ee86_1638845347312&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 61ms
61ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845347801&oz_l=15262&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 532ms
174ms Script
application/javascript 54.187.25.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/354?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-25-111.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 01:54:08 GMT
server: nginx/1.18.0
etag: W/"1638842048.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Tue, 07 Dec 2021 14:49:08 GMT

GET
H2 200 354 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 560ms
188ms Script
text/html 54.187.25.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/354
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/354?url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-25-111.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 587e4115909190b558d6542a6a6ebc8faeb19edd3e21b732b38c9aec3d36f185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
content-encoding: gzip
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&adnxs_id=4946990725677477747

43 B
565 B

496ms
185ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&adnxs_id=4946990725677477747
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:07 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6e05f7ad-dc59-47dc-8e10-dc20e69ee3c5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&adnxs_id=4946990725677477747
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://ids.ad.gt/api/v1/t_match?tdid=85f4d67c-3ab3-450c-b420-539570656946&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17

43 B
570 B

392ms
183ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=85f4d67c-3ab3-450c-b420-539570656946&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=85f4d67c-3ab3-450c-b420-539570656946&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://ids.ad.gt/api/v1/pbm_match?pbm=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17

43 B
572 B

595ms
334ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
date: Tue, 07 Dec 2021 02:49:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&google_tc=
https://ids.ad.gt/api/v1/g_match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&google_gid=CAESEFdRLy1PsUHQyohjGGDyLf0&google_cver=1&google_ula=450542624,0

43 B
571 B

596ms
334ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&google_gid=CAESEFdRLy1PsUHQyohjGGDyLf0&google_cver=1&google_ula=450542624,0
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&google_gid=CAESEFdRLy1PsUHQyohjGGDyLf0&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTFmZTE0MDYtNGVjOC00YzhjLWEyODktMWY3OTA0M2Q2ZjE3

170 B
188 B

19ms
19ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTFmZTE0MDYtNGVjOC00YzhjLWEyODktMWY3OTA0M2Q2ZjE3

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTFmZTE0MDYtNGVjOC00YzhjLWEyODktMWY3OTA0M2Q2ZjE3
date: Tue, 07 Dec 2021 02:49:08 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17
https://ids.ad.gt/api/v1/mediamath_match?user_id=20ed61ae-cba3-4900-bb52-7cc570c2c565&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17

43 B
482 B

632ms
335ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=20ed61ae-cba3-4900-bb52-7cc570c2c565&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

Redirect headers

Date: Tue, 07 Dec 2021 02:49:07 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=20ed61ae-cba3-4900-bb52-7cc570c2c565&id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 02:49:06 GMT

GET
H2

200

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17%26unruly_id%3D%5BRX_UUID%5D&cb=1638845347894
https://sync.targeting.unrulymedia.com/csync/RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17%26unruly_id%3D...
https://ids.ad.gt/api/v1/unruly?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&unruly_id=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003

43 B
489 B

422ms
183ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&unruly_id=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/unruly?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&unruly_id=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
date: Tue, 07 Dec 2021 02:49:07 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX043d6d669e7a4f06b461e21e0c63d7bb003
content-type: text/html

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
173 B 21ms
14ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Tue, 07 Dec 2021 02:49:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1638845348.859328,VS0,VE8
x-served-by: cache-hhn4077-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 2861483040748117 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2861483040748117?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0924e6ae85bbf093056ea4960d428569c4228385e29cb0bbda7028439050561e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 22NZKgpg3UUouZgTIoqtrCvbJOc0BcMmPZ1G9ua1IoPWxyP5sHgcMI/2rJ7pkCDmNgCHc4WSDYQTsajxnrXNmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=252336382657754&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347852&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=5574137d-44c0-4a01-9927-ffe5610a411b_1638845347313&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

GET
DATA 200
OK truncated Show response
/ Frame 102D 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2861483040748117&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845347937&sw=1600&sh=1200&ud[external_id]=2d69fa0fe3f07cfe5f99e45bbf655a0a40623cc715c4bfe573ccc910c5e2bd07&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&eid=fbff88f3-e681-481d-a670-bd4fdb011c23_1638845347315&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:07 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 30ms
30ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845347955&oz_l=226&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C34B 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:07 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DB90 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:08 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 31ms
30ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845348110&oz_l=1037&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:07 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 8cf53b78-ef75-4c8d-924a-12805dc3717c
https://www.postfun.com/ 773 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.postfun.com/8cf53b78-ef75-4c8d-924a-12805dc3717c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ad142d89bfb17e68387ca8ecefb3850d8459d676c8f851aab1a2d67d9ab7b0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 773

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6C6D 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:08 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7ABA 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:08 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 31ms
31ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845348261&oz_l=6821&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8618 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:08 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
651 B 181ms
180ms Image
image/gif 34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=a1fe1406-4ec8-4c8c-a289-1f79043d6f17&halo_id=0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Tue, 07 Dec 2021 14:49:08 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 534ms
170ms Script
text/plain 52.89.213.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=68bac34bd88fa62e81174dd648da81f9&url=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/354
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.213.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-213-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 02:49:08 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
89 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d358ffaf0d76ff2acc41f17cb874a7a03fa6fa502936b48c4de3eab79752d32

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90731
x-xss-protection: 0
pragma: public
x-fb-debug: wfZPgxPmTc39+U1vnn3jbHOMEJndXRNdIvFmYlPfdgRUsdFR8yAegDg6RrqhBkbUmDKxDWW4IeA+9hSObDF6+g==
x-frame-options: DENY
date: Tue, 07 Dec 2021 02:49:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 03:30:09 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:40:49 GMT
x-content-type-options: nosniff
age: 499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 03:40:49 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
131 B 31ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Da1fe1406-4ec8-4c8c-a289-1f79043d6f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:08 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 31ms
31ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845348418&oz_l=4098&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.postfun.com%2Fbasketball%2Fthese-nba-players-are-working-9-5-jobs-since-retiring%2F%3Futm_source%3Dtb%26utm_medium%3Dmsn-msn-home-tb%26utm_content%3D3056256962%26utm_campaign%3D14664189-tb%26utm_cpc%3D-XYxzLpPIsU0_WVigimiSQkZJxJhFXITDvtGKVw0zVQ%3D%26tblci%3DGiD6x_f6YEJcfZSyDZ%26chrome%3D1&rl=&if=false&ts=1638845348437&cd[partner_id]=354&cd[tagger_id]=68bac34bd88fa62e81174dd648da81f9&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638845347470.1202371439&it=1638845347337&coo=false&dpo=&tm=1&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 02:49:08 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1021 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:08 GMT

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 31ms
30ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845348578&oz_l=3206&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 81F6 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.postfun.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.postfun.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 02:49:08 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5C62 668 B
728 B 30ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 9875b9cc0672adaee70f87b3aa98dc40deb2ac1684fb6ce721131858dbe3c482

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

bsync Show response
visitor.omnitagjs.com/visitor/ Frame 5E85
Redirect Chain

https://sync.spotim.market/csync?redir=https://visitor.omnitagjs.com/visitor/bsync?uid={uid}&name=PrebidServer&gdpr_consent_string={gdpr_consent}&gdpr={gdpr}&us_privacy={us_privacy}
https://visitor.omnitagjs.com/visitor/bsync?uid=a2f4646f0e2874d3

0
158 B

70ms
23ms

Document
text/plain

185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor.omnitagjs.com/visitor/bsync?uid=a2f4646f0e2874d3

Requested by

Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 02:49:11 GMT
content-length: 0
x-envoy-upstream-service-time: 0
server: ayl-lb-fra02

Redirect headers

Server: VertaMedia 1.0
Date: Tue, 07 Dec 2021 02:49:11 GMT
Content-Length: 0
Etag: a2f4646f0e2874d3
Location: https://visitor.omnitagjs.com/visitor/bsync?uid=a2f4646f0e2874d3

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D65E 14 KB
5 KB 70ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=88475
expires: Wed, 08 Dec 2021 03:23:45 GMT
date: Tue, 07 Dec 2021 02:49:10 GMT
vary: Accept-Encoding

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 3CF8
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 723d96e56379246e99aede7ade615f114e9cf2a95c105df46af8935e650146c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: text/html; charset=utf-8
content-length: 463
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Tue, 07 Dec 2021 02:49:10 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

csync Show response
sync.spotim.market/ Frame 9297
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
https://sync.spotim.market/csync?t=a&ep=323548&extuid=4946990725677477747

0
386 B

1505ms
255ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4946990725677477747
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

Server: VertaMedia 1.0
Date: Tue, 07 Dec 2021 02:49:11 GMT
Content-Length: 0
Etag: a2f4646f0e2874d3

Redirect headers

Server: nginx/1.17.9
Date: Tue, 07 Dec 2021 02:49:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.spotim.market/csync?t=a&ep=323548&extuid=4946990725677477747
AN-X-Request-Uuid: 91809824-7eb3-43f6-b6c8-7c1f1416177c
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 8E6D 0
0 42ms
14ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13416134
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

Server: nginx
Date: Tue, 07 Dec 2021 02:49:10 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ams1

GET
H2 200 136 Show response
match.deepintent.com/usersync/ Frame 2759 0
44 B 343ms
110ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/136?id=unk&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D462323%26extuid%3D
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

content-length: 0
date: Tue, 07 Dec 2021 02:49:10 GMT
server: a

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 86C5 43 B
315 B 585ms
98ms Document
image/gif 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=%20190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
Requested by: Host: www.postfun.com
URL: https://www.postfun.com/wp-content/plugins/outrigger/scripts/vendor/BV/prebid.js?ver=1638818615
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/

Response headers

Server: Apache
Content-Type: image/gif
Vary: Is-Traffic-Usersync
Content-Length: 43
Expires: Tue, 07 Dec 2021 02:49:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Connection: keep-alive

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455419715221554

49 B
513 B

19ms
18ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455419715221554

Protocol

HTTP/1.1

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5134455419715221554
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

csync
sync.spotim.market/
Redirect Chain

https://prebidtest.zemanta.com/usersync/prebidtest?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D%24%7...
https://sync.spotim.market/csync?t=a&ep=509691&extuid=${UID}&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}

0
373 B

994ms
255ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=509691&extuid=${UID}&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 02:49:11 GMT
Server: VertaMedia 1.0
Etag: a2f4646f0e2874d3
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
location: https://sync.spotim.market/csync?t=a&ep=509691&extuid=${UID}&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6b9a706feb280e06-MXP
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=1f8476eb-12db-48e8-8a7b-70f627cd680e&google_hm=MWY4NDc2ZWItMTJkYi00OGU4LThhN2ItNzBmNjI3Y2Q2ODBl
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPtkqLPng8vOthjvz1K9BMo&google_cver=1&ssp=sonobi&bsw_param=1f8476eb-12db-48e8-8a7b-70f627cd680e
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1f8476eb-12db-48e8-8a7b-70f627cd680e

49 B
509 B

14ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1f8476eb-12db-48e8-8a7b-70f627cd680e

Protocol

HTTP/1.1

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1f8476eb-12db-48e8-8a7b-70f627cd680e
Date: Tue, 07 Dec 2021 02:49:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=20ed61ae-cba3-4900-bb52-7cc570c2c565

49 B
509 B

74ms
13ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=20ed61ae-cba3-4900-bb52-7cc570c2c565

Protocol

HTTP/1.1

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=20ed61ae-cba3-4900-bb52-7cc570c2c565
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 02:49:09 GMT

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mzg0MzljZmUtNzNjZC00Zjg5LTkwMWEtNDJmZDRiOWFiMTQx
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXTHna6n5ZGaNHJf2bSNXU&google_cver=1

49 B
509 B

72ms
13ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXTHna6n5ZGaNHJf2bSNXU&google_cver=1

Protocol

HTTP/1.1

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXTHna6n5ZGaNHJf2bSNXU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync
sync.spotim.market/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
https://sync.spotim.market/csync?t=a&ep=323551&extuid=4d4d8792758de91c53e79d87

0
391 B

1501ms
255ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=323551&extuid=4d4d8792758de91c53e79d87
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 02:49:11 GMT
Server: VertaMedia 1.0
Etag: a2f4646f0e2874d3
Content-Length: 0

Redirect headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.spotim.market/csync?t=a&ep=323551&extuid=4d4d8792758de91c53e79d87
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=38439cfe-73cd-4f89-901a-42fd4b9ab141&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N3NaNUJZblRpdlo3bFpPMElDSmw4UQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFwaXDwenFOJUNshwEyo-Ws&google_cver=1

49 B
332 B

101ms
100ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFwaXDwenFOJUNshwEyo-Ws&google_cver=1

Protocol

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: de-DE
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-5f8c54984-xzh7z
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFwaXDwenFOJUNshwEyo-Ws&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent

0
381 B

1402ms
255ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 02:49:11 GMT
Server: VertaMedia 1.0
Etag: a2f4646f0e2874d3
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:09 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
351 B 41ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ucv942b2ptr99ufemo676p4r838rqqdi

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=15a74ec6ff&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=85f4d67c-3ab3-450c-b420-539570656946&pubid=15a74ec6ff

49 B
509 B

56ms
14ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=85f4d67c-3ab3-450c-b420-539570656946&pubid=15a74ec6ff

Protocol

HTTP/1.1

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.postfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=85f4d67c-3ab3-450c-b420-539570656946&pubid=15a74ec6ff
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 5C62
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20ed61ae-cba3-4900-bb52-7cc570c2c565

43 B
61 B

29ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20ed61ae-cba3-4900-bb52-7cc570c2c565
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20ed61ae-cba3-4900-bb52-7cc570c2c565
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 02:49:09 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5C62
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=OCIscG1xLCMjJikgOnVgdmsjdHQjI3gtPSM_r3Bd

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=OCIscG1xLCMjJikgOnVgdmsjdHQjI3gtPSM_r3Bd
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=OCIscG1xLCMjJikgOnVgdmsjdHQjI3gtPSM_r3Bd
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 5C62
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8231746660794167020

43 B
61 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8231746660794167020
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8231746660794167020
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 5C62 70 B
264 B 35ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=6741e24d-25a5-70c3-d285-6ba5f83b80f1&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 5C62 170 B
188 B 17ms
16ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGIyZTMxODctZWNkMi0yZTY3LWM3NjUtMzExYzMyZDk0ZTkx

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5C62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYl2A3JtYRHrzUxYVlZX7I&google_cver=1

43 B
114 B

24ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYl2A3JtYRHrzUxYVlZX7I&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f60de073-c819-4b11-822a-b93701a28c65&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPYl2A3JtYRHrzUxYVlZX7I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D65E 5 KB
6 KB 68ms
13ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97277277&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 4969fd737773f4ea35432a238a098a4145206b26aea3480033da952ee3eab80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:09 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3CF8 70 B
264 B 33ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CF8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELrjo6oLE41z6WtsE1UjNOg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELrjo6oLE41z6WtsE1UjNOg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELrjo6oLE41z6WtsE1UjNOg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CF8
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA1NTU4OTU2MTk0MjU5MDk3MjI%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA1NTU4OTU2MTk0MjU5MDk3MjI%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA1NTU4OTU2MTk0MjU5MDk3MjI%3D
date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 3CF8 0
812 B 484ms
169ms Image
text/plain 2620:119:50e7:101::9002:e05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=10555895619425909722&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e7:101::9002:e05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lor1
content-length: 0
x-li-uuid: JFAe4SlZvhZwMAsb5ioAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CF8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/10555895619425909722?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5PiWpWZE2oQrC_M_mMu0m2Cn6KzPlU4pphFr2idSOg--~A&dongle=0883

37 B
352 B

11ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-5PiWpWZE2oQrC_M_mMu0m2Cn6KzPlU4pphFr2idSOg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 07 Dec 2021 02:49:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-5PiWpWZE2oQrC_M_mMu0m2Cn6KzPlU4pphFr2idSOg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3CF8 43 B
220 B 57ms
8ms Image
image/gif 18.194.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=10555895619425909722&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.4.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 3CF8 42 B
594 B 81ms
32ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=10555895619425909722&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:09 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9D8EB03C7A9645ECAA4CF393D320BED7 Ref B: FRAEDGE1209 Ref C: 2021-12-07T02:49:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 3CF8
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10555895619425909722
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10555895619425909722&dcc=t

0
0

102ms
101ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10555895619425909722&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KNYNKFHS6K4YCCD5HQVC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10555895619425909722&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CF8
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

7ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CF8
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=7541914379559443183&dongle=d407

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=7541914379559443183&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=7541914379559443183&dongle=d407
pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 63B9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE

35 B
468 B

20ms
20ms

Document
image/gif

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5559
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4815254603872434894

42 B
210 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4815254603872434894
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug011:0:438
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4815254603872434894
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D3E9 43 B
334 B 156ms
13ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 07 Dec 2021 02:49:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 07 Dec 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 277510

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0331
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038787181459601555

42 B
211 B

34ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038787181459601555
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug009:0:428
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 07 Dec 2021 02:49:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7038787181459601555

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E209
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya7LpgAKBVP5vgAz&gdpr=0&gdpr_consent=&_test=Ya7LpgAKBVP5vgAz

1 B
236 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya7LpgAKBVP5vgAz&gdpr=0&gdpr_consent=&_test=Ya7LpgAKBVP5vgAz
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug004:0:477
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ya7LpgAKBVP5vgAz&gdpr=0&gdpr_consent=&_test=Ya7LpgAKBVP5vgAz
accept-ranges: bytes
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 varnish
x-served-by: cache-hhn4059-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1638845351.629319,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 777B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFyVmdVN0RYWmNBQUgyc2pIc0RGUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AArVgU7DXZcAAH2sjHsDFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

595ms
24ms

Document
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AArVgU7DXZcAAH2sjHsDFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AArVgU7DXZcAAH2sjHsDFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8CD9
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8231100746
https://sync.1rx.io/usersync/tradedesk/85f4d67c-3ab3-450c-b420-539570656946
https://sync.targeting.unrulymedia.com/csync/RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003

42 B
228 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug006:0:452
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
etag: RX043d6d669e7a4f06b461e21e0c63d7bb003

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B9DB
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
88 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug008:2:271
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Tue, 07 Dec 2021 02:49:10 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DF56
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X21iblsnQN18-TWJYWmbZcEbDhg

42 B
219 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X21iblsnQN18-TWJYWmbZcEbDhg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug017:0:399
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Tue, 07 Dec 2021 02:49:10 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X21iblsnQN18-TWJYWmbZcEbDhg
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E278
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3NHaNOmpjkOoVSql0xQMX8Jp

42 B
217 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3NHaNOmpjkOoVSql0xQMX8Jp
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug018:0:376
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 07 Dec 2021 02:49:10 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3NHaNOmpjkOoVSql0xQMX8Jp
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame E2F9 43 B
408 B 155ms
13ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame DAEB 15 B
915 B 87ms
39ms Document
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9a7070fbb0f933-MXP

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame C1E2 43 B
279 B 120ms
24ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: erebus-f830fa26bb47@version_1.362v2
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 0ms
Date: Tue, 07 Dec 2021 02:49:10 GMT

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 16AA
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=23284b73-ea0c-4930-986b-5e58c1bc909b-tuct8a85126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

16ms
15ms

Document
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=23284b73-ea0c-4930-986b-5e58c1bc909b-tuct8a85126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 varnish
x-served-by: cache-hhn4077-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638845351.523923,VS0,VE8
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=23284b73-ea0c-4930-986b-5e58c1bc909b-tuct8a85126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 varnish
x-served-by: cache-hhn4077-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638845351.505749,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame D92A 0
407 B 1334ms
255ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: VertaMedia 1.0
Date: Tue, 07 Dec 2021 02:49:11 GMT
Content-Length: 0
Etag: 1a93dbbefc8b22f1

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D65E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Js_F9vwmRfWBrcw-v3sI_g%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

20ms
19ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=88475
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 08 Dec 2021 03:23:45 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=20ed61ae-cba3-4900-bb52-7cc570c2c565

0
260 B

69ms
14ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=20ed61ae-cba3-4900-bb52-7cc570c2c565
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=20ed61ae-cba3-4900-bb52-7cc570c2c565
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 02:49:09 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D65E
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=2d801dbde08aa8e01942fe6cba78b9b0
https://spl.zeotap.com/?zdid=1332&zcluid=efa6c9c55b2df06f
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8&reqId=a8e4d257-4f93-44e8-6bb7-0f3a240e135f&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMYD8fQSJP4EDvnOYwOiJWQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8&reqId=a8e4d257-4f93-44e8-6bb7-0f3...

95 B
164 B

47ms
38ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEMYD8fQSJP4EDvnOYwOiJWQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8&reqId=a8e4d257-4f93-44e8-6bb7-0f3a240e135f&zcluid=efa6c9c55b2df06f&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6b9a7072c8add600-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMYD8fQSJP4EDvnOYwOiJWQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8&reqId=a8e4d257-4f93-44e8-6bb7-0f3a240e135f&zcluid=efa6c9c55b2df06f&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZDRkM1RjYtRkMyNi00NUY1LTgxQUQtQ0MzRUJGN0IwOEZF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:329
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7VVhxhvUk-mIY1Hcmpvyw&google_cver=1

42 B
283 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7VVhxhvUk-mIY1Hcmpvyw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:442
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED7VVhxhvUk-mIY1Hcmpvyw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame D65E 43 B
618 B 83ms
19ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 06 Dec 2021 02:49:10 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&gdpr=0&gdpr_consent=

42 B
337 B

34ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:351
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 02:49:09 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=85f4d67c-3ab3-450c-b420-539570656946

42 B
295 B

26ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=85f4d67c-3ab3-450c-b420-539570656946
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=85f4d67c-3ab3-450c-b420-539570656946
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3820115528378156269

42 B
234 B

20ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3820115528378156269
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:475
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3820115528378156269
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4946990725677477747&gdpr=0&gdpr_consent=

42 B
210 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4946990725677477747&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:427
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5e7e34b0-ee06-4ba3-bf49-3a7056e90462
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4946990725677477747&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm

42 B
486 B

20ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:389
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5NIitN5E2uXj3DYhtlQ1hzSzOHUTZNU-~A&gdpr=0&gdpr_consent=

0
128 B

17ms
14ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5NIitN5E2uXj3DYhtlQ1hzSzOHUTZNU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:09 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5NIitN5E2uXj3DYhtlQ1hzSzOHUTZNU-~A&gdpr=0&gdpr_consent=
date: Tue, 07 Dec 2021 02:49:10 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D65E 43 B
868 B 56ms
53ms Image
image/gif 2a05:d018:d29:3605:60e0:c53a:cd30:7167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:60e0:c53a:cd30:7167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame D65E
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1f8476eb-12db-48e8-8a7b-70f627cd680e&ssp=pubmatic&gdpr=0&gdpr_consent=

43 B
324 B

46ms
15ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1f8476eb-12db-48e8-8a7b-70f627cd680e&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1f8476eb-12db-48e8-8a7b-70f627cd680e&ssp=pubmatic&gdpr=0&gdpr_consent=
Date: Tue, 07 Dec 2021 02:49:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7974259943787010799&gdpr=0&gdpr_consent=&us_privacy=

1 B
186 B

45ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7974259943787010799&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:508
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7974259943787010799&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame D65E 0
104 B 130ms
25ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug021:0:310
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:09 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ef653911-274c-4af5-8b07-b5b8dfca5dde&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ef653911-274c-4af5-8b07-b5b8dfca5dde&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:329
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ef653911-274c-4af5-8b07-b5b8dfca5dde&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 07 Dec 2021 02:49:10 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4946990725677477747

42 B
111 B

18ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4946990725677477747
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:49:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:368
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 02:49:10 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f2e9f43b-cc54-4847-9eee-56c38ea172d6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4946990725677477747
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame D65E 35 B
238 B 107ms
30ms Image
image/gif 54.194.104.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 02:49:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D65E 0
260 B 85ms
20ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 02:35:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK postback Show response
s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/ 0
145 B 32ms
31ms XHR
text/plain 34.243.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.hmstats.com/2/2.42.0/486951/APIaX9sIEPIZSXgQ/postback?dm=1600x1200&dt=4869511559931891252000&ti=6c826cd7-c979-4ff8-b2a3-aed8e6d2cbbc&c1=14664189-tb&c2=tb&gt=DE&ui=1c9a7f65-b410-42e3-ada7-65b134ade33f&di=www.postfun.com&c3=msn-msn-home-tb&de=2&ci=486951&sid=APIaX9sIEPIZSXgQ&oz_sc=fb655d76fdab4c28476e9f62&oz_df=1638845352883&oz_l=106&cv=3
Requested by: Host: s.update.hmstats.com
URL: https://s.update.hmstats.com/2/2.42.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.postfun.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Dec 2021 02:49:12 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

132 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 01:23:41	Name: sync Value: CgoIgQIQgoSultkvCgoI4gEQgoSultkvCgoI5gEQgoSultkvCgoIhwIQgoSultkvCgkICRCChK6W2S8KCQg6EIKErpbZLwoJCAsQgoSultkvCgoIjAIQgoSultkvCgoIzgEQgoSultkvCgkIXxCChK6W2S8=
www.postfun.com/	1970-01-25 20:31:23	Name: akaas_csplit Value: 2147483647~rv=77~id=4eb73d3f752cd6dbc35e403dd7f542c0
www.postfun.com/	1969-12-31 23:59:59	Name: akaclientip Value: 193.27.14.24
.postfun.com/	1970-01-29 23:12:38	Name: _pnvl Value: false
.postfun.com/	1970-01-29 23:12:38	Name: pushly.user_puuid Value: nA6KGlfN5qJZnEOFNyOVY0QxvkrEjnLO
.postfun.com/	1970-01-29 23:12:38	Name: _pndnt Value:
.postfun.com/	1970-01-20 16:45:17	Name: _ga Value: GA1.2.557766180.1638845346
.postfun.com/	1970-01-19 23:15:31	Name: _gid Value: GA1.2.964288077.1638845346
.postfun.com/	1970-01-19 23:15:31	Name: _pnfcps Value: 86400
.postfun.com/	1970-01-19 23:15:31	Name: _pnpcs Value: 1\|Wed, 08 Dec 2021 02:49:06 GMT
.postfun.com/	1970-01-29 23:12:38	Name: _pnlspid Value: 11752
.postfun.com/	1970-01-29 23:12:38	Name: _pnss Value: dismissed
.postfun.com/	1970-01-19 23:24:10	Name: _pnpdm Value: true
.postfun.com/	1970-01-19 23:14:05	Name: _gat Value: 1
.go.sonobi.com/	1970-01-19 23:57:17	Name: __uis Value: 38439cfe-73cd-4f89-901a-42fd4b9ab141
.go.sonobi.com/	1970-01-19 23:15:31	Name: _usd_postfun.com Value: 51575eda-a153-4300-9f7d-4f3615c53a3d
.go.sonobi.com/	1970-01-19 23:15:31	Name: __uir_td Value: 1
.go.sonobi.com/	1970-01-19 23:14:34	Name: __uir_bw Value: 1
.go.sonobi.com/	1970-01-19 23:35:41	Name: __uir_mm Value: 1
.go.sonobi.com/	1970-01-19 23:32:48	Name: __uir_pp Value: 1
.go.sonobi.com/	1970-01-19 23:32:48	Name: __uir_zt Value: 1
.go.sonobi.com/	1970-01-19 23:32:48	Name: __uir_eb Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56128\|Ya7Lp
.lijit.com/	1970-01-20 07:59:41	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/	1970-01-20 07:59:41	Name: ljt_reader Value: 4d4d8792758de91c53e79d87
.adnxs.com/	1970-01-20 01:23:41	Name: icu Value: ChgI3ZVIEAoYASABKAEwope7jQY4AUABSAEQope7jQYYAA..
.adnxs.com/	1970-01-20 01:23:41	Name: uuid2 Value: 4946990725677477747
.openx.net/	1970-01-20 07:59:41	Name: i Value: b4eddd14-8c22-4f34-8853-a34d9c1cb30c\|1638845346
.postfun.com/	1970-01-20 01:23:41	Name: _fbp Value: fb.1.1638845347470.1202371439
.facebook.com/	1970-01-20 16:45:17	Name: sb Value: o8uuYRZxISplGEohzJ0T2lMj
.facebook.com/	1970-01-20 01:23:41	Name: fr Value: 0DSiVZNgMcRg8Djqg..Bhrsuj.US.AAA.0.0.Bhrsuj.AWVOK0evBV8
.ad.gt/	1970-01-20 16:45:17	Name: au_id Value: a1fe1406-4ec8-4c8c-a289-1f79043d6f17
.ad.gt/	1970-01-19 23:15:31	Name: au_idmatch Value: {"apn": "2021-12-07", "ttd": "2021-12-07", "pub": "2021-12-07", "adx": "2021-12-07", "halo": "2021-12-07", "goo": "2021-12-07", "mediamath": "2021-12-07", "unruly": "2021-12-07", "taboola": "2021-12-07"}
.mathtag.com/	1970-01-20 08:40:00	Name: uuid Value: 20ed61ae-cba3-4900-bb52-7cc570c2c565
.doubleclick.net/	1970-01-20 08:35:41	Name: IDE Value: AHWqTUlRisF6X6jk5_KIUourCeq5cIcimsupqxF9sOFXjcRwNDBQLtGu9u3ROEreLH8
.pubmatic.com/	1970-01-20 01:23:41	Name: KADUSERCOOKIE Value: 26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
.adsrvr.org/	1970-01-20 07:59:41	Name: TDID Value: 85f4d67c-3ab3-450c-b420-539570656946
.targeting.unrulymedia.com/	1970-01-20 07:59:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003%22%7D
.ad.gt/	1970-01-20 16:45:17	Name: last_seeng_hosted Value: 1638845348290
.ad.gt/	1970-01-20 16:45:17	Name: g_hosted Value:
.ad.gt/	1970-01-20 16:45:17	Name: last_seenunruly Value: 1638845348303
.ad.gt/	1970-01-20 16:45:17	Name: unruly_id Value: RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
.ad.gt/	1970-01-20 16:45:17	Name: last_seentd Value: 1638845348303
.ad.gt/	1970-01-20 16:45:17	Name: tdid Value: 85f4d67c-3ab3-450c-b420-539570656946
.ad.gt/	1970-01-20 16:45:17	Name: first_seentd Value: 1638845348303
.ad.gt/	1970-01-20 16:45:17	Name: last_seenadnxs Value: 1638845348305
.ad.gt/	1970-01-20 16:45:17	Name: adnxs_id Value: 4946990725677477747
.ad.gt/	1970-01-20 16:45:17	Name: first_seenadnxs Value: 1638845348305
.ad.gt/	1970-01-20 16:45:17	Name: last_seenpbm Value: 1638845348307
.ad.gt/	1970-01-20 16:45:17	Name: pbm Value: 26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
.ad.gt/	1970-01-20 16:45:17	Name: first_seenpbm Value: 1638845348307
.ad.gt/	1970-01-20 16:45:17	Name: last_seenadx Value: 1638845348307
.ad.gt/	1970-01-20 16:45:17	Name: google_gid Value: CAESEFdRLy1PsUHQyohjGGDyLf0
.ad.gt/	1970-01-20 16:45:17	Name: first_seenadx Value: 1638845348307
.ad.gt/	1970-01-20 16:45:17	Name: last_seenmediamath Value: 1638845348309
.ad.gt/	1970-01-20 16:45:17	Name: user_id Value: 20ed61ae-cba3-4900-bb52-7cc570c2c565
.ad.gt/	1970-01-20 16:45:17	Name: last_seenhaloid Value: 1638845348500
.ad.gt/	1970-01-20 16:45:17	Name: halo_id Value: 0200kuhica07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 16:45:17	Name: first_seenhaloid Value: 1638845348500
.openx.net/	1970-01-19 23:35:41	Name: pd Value: v2\|1638845350\|gekin0vNiygu
.quantserve.com/	1970-01-20 08:44:19	Name: mc Value: 61aecba6-5d54f-ce09a-05830
.3lift.com/	1970-01-20 01:23:41	Name: tluid Value: 10555895619425909722
.ads.pubmatic.com/	1970-01-19 23:15:31	Name: KCCH Value: YES
.bidswitch.net/	1970-01-20 07:59:41	Name: tuuid Value: 1f8476eb-12db-48e8-8a7b-70f627cd680e
.bidswitch.net/	1970-01-20 07:59:41	Name: c Value: 1638845350
.bidswitch.net/	1970-01-20 07:59:41	Name: tuuid_lu Value: 1638845350
.pubmatic.com/	1970-01-20 01:23:41	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:15:31	Name: pi Value: 156813:3
.pubmatic.com/	1970-01-20 01:23:41	Name: DPSync3 Value: 1640044800%3A197_219_201%7C1638921600%3A174
.pubmatic.com/	1970-01-20 01:23:41	Name: SyncRTB3 Value: 1640131200%3A35%7C1639699200%3A63%7C1641427200%3A203%7C1640044800%3A54_99_230_204_220_81_234_233_222_7_161_56_165_21_3_71_166_238_13_55_189_8_22_88%7C1639440000%3A15_223_2
.bing.com/	1970-01-20 08:35:41	Name: MUID Value: 2BCC5A3A3A5F64B61ADE4B3C3B8D65DA
.quantserve.com/	1970-01-20 01:23:41	Name: d Value: EI4BEQHzJPijCJiTAA
.turn.com/	1970-01-20 03:33:17	Name: uid Value: 7974259943787010799
.taboola.com/	1970-01-20 07:59:41	Name: t_gid Value: 23284b73-ea0c-4930-986b-5e58c1bc909b-tuct8a85126
.adfarm1.adition.com/	1970-01-20 01:23:41	Name: UserID1 Value: 7038787181459601555
.pubmatic.com/	1970-01-20 01:23:41	Name: KRTBCOOKIE_153 Value: 1923-7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm&KRTB&19420-7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm&KRTB&22979-7v4M-butDKr1-gmp7KlA_73_VP31_1ik6__u4-Tm
.pubmatic.com/	1970-01-19 23:57:17	Name: PugT Value: 1638845350
.pubmatic.com/	1970-01-20 01:23:41	Name: PUBMDCID Value: 3
.rfihub.com/	1970-01-20 08:35:41	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxtDQ3NDUyMgQyhfgMdd1NwoPTg73DA93LU6R4Dc2MLSxMTI1NDUyNzAGzCikeNAAAAA
.rfihub.com/	1970-01-20 08:35:41	Name: eud Value: H4sIAAAAAAAAAFslymtoZmxhYWJqbGpgamQOABmn3noQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxtDQ3NDUyMgQyhfgMdd1NwoPTg73DA93LUwCNphZVJQAAAA
.adsrvr.org/	1970-01-20 07:59:41	Name: TDCPM Value: CAEYASABKAIyCwjWwruG3M2cOhAFOAFaC2FkY29uZHVjdG9yYAI.
.pubmatic.com/	1970-01-20 01:23:41	Name: KRTBCOOKIE_80 Value: 22987-CAESED7VVhxhvUk-mIY1Hcmpvyw&KRTB&16514-CAESED7VVhxhvUk-mIY1Hcmpvyw&KRTB&23025-CAESED7VVhxhvUk-mIY1Hcmpvyw
.pubmatic.com/	1970-01-20 01:23:41	Name: KRTBCOOKIE_57 Value: 22776-4946990725677477747
.pubmatic.com/	1970-01-20 03:33:17	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.1rx.io/	1970-01-20 07:59:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003%22%2C%22nxtrdr%22%3Afalse%7D
.adform.net/	1970-01-19 23:58:43	Name: C Value: 1
.onaudience.com/	1970-01-20 07:59:41	Name: cookie Value: efa6c9c55b2df06f
.onaudience.com/	1970-01-19 23:15:31	Name: done_redirects104 Value: 1
.erne.co/	1970-01-20 07:59:41	Name: u Value: 3NHaNOmpjkOoVSql0xQMX8Jp
.pubmatic.com/	1970-01-19 23:57:17	Name: KRTBCOOKIE_1101 Value: 23040-7038787181459601555
.pubmatic.com/	1970-01-20 07:59:41	Name: KRTBCOOKIE_27 Value: 16735-uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&KRTB&16736-uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&KRTB&23019-uid:20ed61ae-cba3-4900-bb52-7cc570c2c565&KRTB&23114-uid:20ed61ae-cba3-4900-bb52-7cc570c2c565
.pubmatic.com/	1970-01-19 23:57:17	Name: KRTBCOOKIE_22 Value: 14911-7974259943787010799
.pubmatic.com/	1970-01-20 01:23:41	Name: KRTBCOOKIE_377 Value: 6810-85f4d67c-3ab3-450c-b420-539570656946&KRTB&22918-85f4d67c-3ab3-450c-b420-539570656946&KRTB&23031-85f4d67c-3ab3-450c-b420-539570656946
.analytics.yahoo.com/	1970-01-20 08:01:07	Name: IDSYNC Value: 18z8~21y2
.yahoo.com/	1970-01-20 08:00:02	Name: A3 Value: d=AQABBKbLrmECEM1vvcVRodbHBa7JIiyJcCoFEgEBAQEdsGG4YQAAAAAA_eMAAA&S=AQAAArP7F6hlugtKTp0wrtnEC2A
.de17a.com/	1970-01-20 07:52:29	Name: guid2 Value: 1.4815254603872434894
.pubmatic.com/	1970-01-19 23:57:17	Name: KRTBCOOKIE_409 Value: 22966-3NHaNOmpjkOoVSql0xQMX8Jp
.simpli.fi/	1970-01-20 08:01:07	Name: suid Value: 799E23D1B2FC4EE99777FACCBAFF4502
.adform.net/	1970-01-20 00:40:29	Name: uid Value: 8231746660794167020
.pubmatic.com/	1970-01-19 23:57:17	Name: SPugT Value: 1638845349
.pubmatic.com/	1970-01-19 23:57:17	Name: KRTBCOOKIE_594 Value: 17107-RX-043d6d66-9e7a-4f06-b461-e21e0c63d7bb-003
ads.playground.xyz/	1970-01-19 23:17:26	Name: connect.sid Value: s%3A45c-mPAjISdgTUoaCMSIfMfy37WutM3N.jl3hTp0opl5Dnedq0BibYuARXGwUhiJVtB%2BrxfEMAHw
.pubmatic.com/	1970-01-19 23:57:17	Name: KRTBCOOKIE_391 Value: 22924-3820115528378156269&KRTB&23263-3820115528378156269
.pubmatic.com/	1970-01-19 23:57:17	Name: KRTBCOOKIE_336 Value: 5844-4815254603872434894
.adsby.bidtheatre.com/	1970-01-19 23:24:10	Name: __kuid Value: ef653911-274c-4af5-8b07-b5b8dfca5dde.408059350
.everesttech.net/	1970-01-20 07:59:41	Name: everest_g_v2 Value: g_surferid~Ya7LpgAKBVP5vgAz
.pubmatic.com/	1970-01-20 01:23:41	Name: KRTBCOOKIE_218 Value: 4056-Ya7LpgAKBVP5vgAz&KRTB&22978-Ya7LpgAKBVP5vgAz&KRTB&23194-Ya7LpgAKBVP5vgAz&KRTB&23209-Ya7LpgAKBVP5vgAz
.bidr.io/	1970-01-20 08:42:35	Name: bito Value: AArVgU7DXZcAAH2sjHsDFQ
.bidr.io/	1970-01-20 08:42:35	Name: bitoIsSecure Value: ok
.crwdcntrl.net/	1970-01-20 05:42:50	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:42:50	Name: _cc_id Value: 2d801dbde08aa8e01942fe6cba78b9b0
.crwdcntrl.net/	1970-01-20 05:42:53	Name: _cc_cc Value: "ACZ4XmNQMEqxMDBMSUpJNbBITLRINTC0NDFKSzVLTko0t0iyTDJgAILEdaeXgWgoAABwtAvp"
.crwdcntrl.net/	1970-01-20 05:42:53	Name: _cc_aud Value: "ABR4XmNgYGBIXHd6GZCCAgAe3AKB"
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3dfa5e277e71cf84
.onaudience.com/	1970-01-19 23:15:31	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 07:59:41	Name: zc Value: ac88f6f5-2ef1-4089-5ba3-99f87c92b4f8
.zeotap.com/	1970-01-19 23:15:31	Name: zsc Value: %ED%91%0D%81%0D%27%93%89%AB%B2%E6%EF%93I%98%ACD%E4m%E9%03%1F%ABrs%E1%A8a%B2%02y%88v%17%B7%CA%89j%8C%04%A5%B9j%17h%A8hu%91SZ%A2%06y%8C%19%12x%14I%C4%EF%DC%DC%C3f%E4W%18%03J%3F%FB%DD%E8%19%FD%22%83-%09%1E%CE
sync.srv.stackadapt.com/	1970-01-20 07:59:41	Name: sa-user-id Value: s%3A0-5f6d626e-5b27-40dd-7cf9-358961699b65.TnltQ%2BpUutf2H%2BezOxdE68YQFuooeVvLy9%2B9DHYWMFo
.srv.stackadapt.com/	1970-01-20 07:59:41	Name: sa-user-id-v2 Value: s%3A0-5f6d626e-5b27-40dd-7cf9-358961699b65%24ip%24193.27.14.24.H0b%2BMUawpHn7hshDDIQalgLX6Ht48tOnqR7YYaZd6A8
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:45:59	Name: bcookie Value: "v=2&7eb9476a-65e5-4771-8e08-6d9e570d5474"
.linkedin.com/	1970-01-20 16:42:30	Name: li_gc Value: MTswOzE2Mzg4NDUzNTA7MjswMjGubzL0QD91GbtLqo8W//LaO9Jo7j3RTkHeK0guGuKIhQ==
.linkedin.com/	1970-01-19 23:15:31	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2510:u=1:x=1:i=1638845350:t=1638931750:v=2:sig=AQHJ3BjNQlPjEtE7n7ErNnx-LND9WQ1_"
.pubmatic.com/	1970-01-20 01:23:41	Name: KRTBCOOKIE_860 Value: 16335-X21iblsnQN18-TWJYWmbZcEbDhg
.spotim.market/	1970-01-20 00:43:22	Name: vmuid Value: a2f4646f0e2874d3
.adtelligent.com/	1970-01-20 00:43:22	Name: a281178 Value: 26CFC5F6-FC26-45F5-81AD-CC3EBF7B08FE
.adtelligent.com/	1970-01-20 00:43:22	Name: vmuid Value: a2f4646f0e2874d3
.adtelligent.com/	1970-01-20 00:43:22	Name: a309017 Value: no-consent
.spotim.market/	1970-01-20 00:43:22	Name: a323548 Value: 4946990725677477747
.spotim.market/	1970-01-20 00:43:22	Name: a323551 Value: 4d4d8792758de91c53e79d87
.spotim.market/	1970-01-20 00:43:22	Name: a509691 Value: ${UID}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
worker	error	URL: blob:https://www.postfun.com/fb019e54-4d5b-4e62-830b-6b4f4f0489e5 Message: Mixed Content: The page at 'blob:https://www.postfun.com/fb019e54-4d5b-4e62-830b-6b4f4f0489e5' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://www.postfun.com/fb019e54-4d5b-4e62-830b-6b4f4f0489e5 Message: Mixed Content: The page at 'blob:https://www.postfun.com/fb019e54-4d5b-4e62-830b-6b4f4f0489e5' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ap.lijit.com
apex.go.sonobi.com
audit-tcfv2.quantcast.mgr.consensu.org
aufp.io
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.p-n.io
cdn.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
eu-u.openx.net
exchange.postrelease.com
ghb.spotim.market
green.erne.co
hive-d.openx.net
hivemedia-images.s3.us-east-1.amazonaws.com
htlb.casalemedia.com
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
k.p-n.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
odr.mookie1.com
p.ad.gt
p.rfihub.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
prebidtest.zemanta.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
quantcast.mgr.consensu.org
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.update.hmstats.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
test.quantcast.mgr.consensu.org
tlx.3lift.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.postfun.com
x.bidswitch.net
104.92.81.94
13.32.29.201
13.35.253.10
13.35.253.75
142.250.181.226
142.250.184.226
151.101.193.44
151.101.194.49
159.65.196.12
169.197.150.7
169.50.137.182
178.162.133.149
178.162.133.150
178.250.2.151
18.156.0.31
18.194.4.47
18.197.121.240
18.66.248.14
185.255.84.153
185.29.134.248
185.33.221.13
185.33.221.87
185.64.190.80
185.64.190.81
185.86.139.114
188.165.4.142
193.0.160.129
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
2.18.233.180
2.21.111.28
2.21.141.232
2001:678:cb4:bbbb::11
213.155.156.169
213.19.147.44
23.88.75.189
2600:9000:211e:1c00:9:46dc:4700:93a1
2600:9000:211e:8c00:3:a4cd:8380:93a1
2600:9000:2315:4800:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:72d
2606:4700:20::681a:ad1
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e7:101::9002:e05
2620:1ec:c11::200
2a00:1450:4001:80e::200e
2a00:1450:400c:c0a::9b
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3605:60e0:c53a:cd30:7167
2a0c:5c81:5142::2
34.102.253.54
34.197.208.127
34.211.237.159
34.243.93.43
34.98.64.218
34.98.67.61
35.186.253.211
35.244.159.8
35.71.131.137
37.157.4.29
44.238.136.108
51.210.112.236
52.19.22.209
52.200.181.105
52.215.68.151
52.217.85.16
52.28.162.206
52.46.130.91
52.89.213.37
54.187.25.111
54.194.104.251
62.149.0.72
64.74.236.63
66.155.71.25
72.251.241.196
72.251.249.13
76.223.111.18
85.114.159.93
02355aa57f07068f48ce739f70f73bd9264ed16f066e946b3eca256d814356ff
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
084f6476011a1c250d41279bc05a27a78c804a91bd11610eb2be4bb1b5a73c18
0924e6ae85bbf093056ea4960d428569c4228385e29cb0bbda7028439050561e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d358ffaf0d76ff2acc41f17cb874a7a03fa6fa502936b48c4de3eab79752d32
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a2401c0f0f0989b66fea7819705936c7409ab0686efdc90c47f90584af8c63d
1ad142d89bfb17e68387ca8ecefb3850d8459d676c8f851aab1a2d67d9ab7b0d
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2a21d440ddb36b335b7c29c1356276d61c86d5c5f2f42c1c349fbe285008776b
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3112fccfa0c39fb02ce507b3f6ce23b9a465f852a49a32f8c664a802e1444688
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
384030f05a2241cb62e91acb3eb557b1dc64bccb7a1bf43011ef572b19b5c4d9
3b850fd9301b5a95c9c7ead67c57622e1a06680f69bf8d2f5ce57983011da3b1
3d022bdc2470de1ee83e2693341ae618f6fc08a90edbe3290e5c870faeefec4f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41e365250a82e0e0ee15c8661ca0efb65228a061f31c8ae3884127d0efa0d369
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4969fd737773f4ea35432a238a098a4145206b26aea3480033da952ee3eab80b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
537af3e7035e7f334c4414cf45d25f378f279843c35eeb375675639f24202ee8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5867c4e1ca42a3ae09b2f294bda3d6d8493d9dd2d1560ae7289ca58b6bb13e4e
587e4115909190b558d6542a6a6ebc8faeb19edd3e21b732b38c9aec3d36f185
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d8d13c958e7f08ce7c2be4315fe352515b00c28047ff52c5205199a9a37581e
5f6f0b1a73b3923455ddd8d7fe81135732102ea9b0b2489252071dc8acba2708
690d7ec1b7cadb8c57efcc5ca4d8062e2826ad74304a2cf1c8210821866f7571
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71579509feaec66395bc8bed449847a80a8eeeb006aa59d93fb2dbd44bbcb3fb
723d96e56379246e99aede7ade615f114e9cf2a95c105df46af8935e650146c1
724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b
72974cf5c2f0384df6f0b6810376dee8106ab9bb157d8a3c441c6ba418c904da
732be07cfd0af57869ce60bc525acf0b5dbd06a47345945b41f551bcac33a432
75ad566950298a23b6ce73ed61b4597ae66a72daf102daa806efd58c18fa7c3d
7a2b44d696ca571e00b0db7d7a110984b48af49a176bd95ddddae23cdfe1ca65
7f59166cede1b29d613c38e7da6dcd9227fdb898893f6508356e2ca5ad7b7293
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8352a0484081022114518db98c4f7bd828fff01a3bba53b1e9fe55e31602413e
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
869234019eb34d15b2dbb218719491fefae65f17cf1103eb6355da24783f6dc7
89082227eb43e2295815f3f62d29cdc5f806cfef98416d0b88539131f79b5af5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
9537144bb39250368e21895ffb3a0e5c0f976a68b191729a73f247bb0608f2a3
9875b9cc0672adaee70f87b3aa98dc40deb2ac1684fb6ce721131858dbe3c482
98853c314da19dd937694bcabe140f6549fe2bd27e641bcfbb534a9c804ff487
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aaa0167f4abb8eb86f2182c46287c6bddc68d7538f0bfa9e71287db2c700a60
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2234e62f9f4f714bd6e6fc3e8b65aaeac70fa57b670274528e472c3f2dd35dc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb3501c74391644e2029381ab1df63c381d66334e33d74f5c7859236768604f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b209eb175909bbe172d0e6f9762eabcf99f07ecab1ecc7da56ae44e25a650ce9
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4dc13dc644c41fff30da814b78b35bd07d270a01e3fcbf58fbe484b94ea975b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b985af57dc59fdf0a9743d410836168fdbceaa641b51d4e427f9edff6cc62625
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6d1fca9040272fd9341da48df6827bbea229b08574eadc105dc55fb5c2fc9f
c32b66dae6aaac220d224bd147ce2e70a205a34bc53b62ca4f9eb0d7754ccfa4
c507ad3b9d297645f447934d8eb6e29712a6fc759daab791de19be72af08ed6b
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5926114e876f2c89a01dff181af963f57e14fe1df703045d8c024400466007
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d261bc09d55ca6390f043aa5a196a8c4d49d38bb48792e007e539a9b67a86bbb
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d74430c6c02b1f752d521694f0e346b93b9eddd6cf39f53015abe27fbecf301f
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de2b4eba3c242546aae7f2ff97cd39bcb010dcf1847ec4bec38876d29e838b9c
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bbac6ecbcbd46820ae9165f18bb5ad8e58a243850e838d0680bb50e0b7b229
ea3b8c6d48b3b39628750c41d1dbb2dfafdd65fbf1c12e1a7fa79126702bda72
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8ee0d666b3091eb93def38dd12b8f2a7009d640e6b0cf389cc35a2c4a425b09
fd0b79a723b6dbed0292bd8c0cb7c57ee81100a3f2f7b5c606210b85f8e5a567

www.postfun.com Open in urlscan Pro 104.92.81.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

235 Requests

81 %HTTPS

21 %IPv6

63 Domains

92 Subdomains

64 IPs

12 Countries

2027 kBTransfer

6635 kBSize

132 Cookies

9 Outgoing links

Redirected requests

235 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.postfun.com Open in urlscan Pro
104.92.81.94 Public Scan

Screenshot
Live screenshot

Full Image

235
Requests

81 %
HTTPS

21 %
IPv6

63
Domains

92
Subdomains

64
IPs

12
Countries

2027 kB
Transfer

6635 kB
Size

132
Cookies

235 HTTP transactions
0 data transactions