urlscan.io logo urlscan.io
SecurityTrails logo

thesource.com Open in urlscan Pro
192.124.249.167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thesource.com/
Effective URL: https://thesource.com/
Submission Tags: tranco_l324
Submission: On October 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 15 countries across 67 domains to perform 381 HTTP transactions. The main IP is 192.124.249.167, located in United States and belongs to SUCURI-SEC, US. The main domain is thesource.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 18th 2020. Valid for: a year.
This is the only time thesource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 65 192.124.249.167 30148 (SUCURI-SEC)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.219.98.106 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 52.222.210.175 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
16 142.250.184.194 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 13.32.99.90 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 18.66.127.89 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 34.197.208.127 14618 (AMAZON-AES)
9 2602:803:c002... 26667 (RUBICONPR...)
1 216.52.2.19 30282 (AS-INAPCD...)
1 7 35.244.159.8 15169 (GOOGLE)
5 18.156.195.47 16509 (AMAZON-02)
2 2.21.111.28 16625 (AKAMAI-AS)
1 8 185.33.220.240 29990 (ASN-APPNEX)
1 147.75.38.124 54825 (PACKET)
3 104.16.190.66 13335 (CLOUDFLAR...)
10 52.208.210.171 16509 (AMAZON-02)
1 35.156.28.35 16509 (AMAZON-02)
2 51.89.9.253 16276 (OVH)
1 35.211.85.235 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
29 194.146.38.205 41436 (CLOUDWEBM...)
4 23.218.208.200 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a0c:5c81:509... 55081 (24SHELLS)
13 185.167.96.211 41436 (CLOUDWEBM...)
5 10 18.194.61.148 16509 (AMAZON-02)
1 1 162.55.6.211 24940 (HETZNER-AS)
4 14 23.218.208.246 16625 (AKAMAI-AS)
2 3 185.33.221.87 29990 (ASN-APPNEX)
1 4 37.157.3.30 198622 (ADFORM)
3 34.204.254.218 14618 (AMAZON-AES)
5 6 2.21.142.210 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
3 2600:9000:223... 16509 (AMAZON-02)
2 3 37.157.4.40 198622 (ADFORM)
2 89.187.169.47 60068 (CDN77 ^_^)
1 13 54.93.135.255 16509 (AMAZON-02)
1 4 188.132.147.227 42910 (PREMIERDC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 194.213.62.37 5588 (GTSCE GTS...)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 185.29.134.248 30419 (MEDIAMATH...)
1 1 185.33.223.217 29990 (ASN-APPNEX)
1 1 178.250.2.151 44788 (ASN-CRITE...)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
1 142.251.5.156 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 141.95.3.10 16276 (OVH)
1 52.19.22.209 16509 (AMAZON-02)
1 7 52.223.40.198 16509 (AMAZON-02)
2 151.101.193.108 54113 (FASTLY)
4 23.79.143.124 16625 (AKAMAI-AS)
1 1 154.57.158.49 26558 (FREEWHEEL)
6 11 142.250.186.98 15169 (GOOGLE)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
7 37.157.4.41 198622 (ADFORM)
3 6 209.54.177.54 16509 (AMAZON-02)
1 169.197.150.7 398989 (DEEPINTENT)
1 3.126.56.137 16509 (AMAZON-02)
1 1 52.86.210.192 14618 (AMAZON-AES)
3 2001:4860:480... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 37.157.2.248 198622 (ADFORM)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 69.173.144.165 26667 (RUBICONPR...)
2 3 151.101.194.49 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
1 34.120.133.55 15169 (GOOGLE)
2 7 13.248.245.213 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 2620:119:50e1... 14413 (LINKEDIN)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 50.31.142.63 23352 (SERVERCEN...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 52.16.214.249 16509 (AMAZON-02)
1 35.241.40.233 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
6 172.217.23.98 15169 (GOOGLE)
3 3 78.46.46.18 24940 (HETZNER-AS)
3 188.40.110.203 24940 (HETZNER-AS)
1 34.98.67.61 15169 (GOOGLE)
2 2 18.195.105.17 ()
381 90
65    192.124.249.167 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10167.sucuri.net
thesource.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    52.219.98.106 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
hb-thesource.s3.us-east-2.amazonaws.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
16    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
4    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
3    13.32.99.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net
sb.scorecardresearch.com
5    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:223c:ac00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    18.66.127.89 (United States)

ASN16509 (AMAZON-02, US)
cdn-images.mailchimp.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    34.197.208.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-208-127.compute-1.amazonaws.com
exchange.postrelease.com
9    2602:803:c002:200::52 (None, )

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
7    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
thesource2-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
5    18.156.195.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    2.21.111.28 (Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
8    185.33.220.240 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
10    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    35.156.28.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    35.211.85.235 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 235.85.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com
tpc.googlesyndication.com
29    194.146.38.205 (None, )

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
4    23.218.208.200 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
13    185.167.96.211 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
10    18.194.61.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.55.6.211 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
14    23.218.208.246 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
dsum-sec.casalemedia.com
3    185.33.221.87 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
3    34.204.254.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-254-218.compute-1.amazonaws.com
prebid-server.rubiconproject.com
6    2.21.142.210 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
3    2600:9000:223f:6200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
3    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
13    54.93.135.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
ih.adscale.de
4    188.132.147.227 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-227-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    194.213.62.37 (Morkov, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid4.ibillboard.com
bbnaut.ibillboard.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    185.33.223.217 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 823.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
1    142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net
bid.g.doubleclick.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    141.95.3.10 (Germany)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com
id5-sync.com
1    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
7    52.223.40.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    23.79.143.124 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    154.57.158.49 (United States)

ASN26558 (FREEWHEEL, US)
1f2e7.v.fwmrm.net
11    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
4    2a05:d018:d29:3602:6f35:8046:ae1a:688f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
a1.adform.net
6    209.54.177.54 (Osaka, Japan)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    169.197.150.7 (Albuquerque, United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.86.210.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-210-192.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    34.120.133.55 (United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
7    13.248.245.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    35.227.248.159 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    50.31.142.63 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    52.16.214.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-214-249.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    35.241.40.233 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads4.g.doubleclick.net
6    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
ade.googlesyndication.com
3    78.46.46.18 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h537.meetrics.de
s79.research.de.com
3    188.40.110.203 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h544.meetrics.de
b60.s79.research.de.com
1    34.98.67.61 (United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    18.195.105.17 (None, )

ASN- ()
ads.creative-serving.com
Apex Domain
Subdomains		 Transfer
65 thesource.com
thesource.com
6 MB
42 primis.tech
live.primis.tech
video.primis.tech
3 MB
39 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
bid.g.doubleclick.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
266 KB
27 googlesyndication.com
pagead2.googlesyndication.com
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
77 KB
23 rubiconproject.com
fastlane.rubiconproject.com
prebid-server.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
37 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
15 adform.net
adx.adform.net
cm.adform.net
track.adform.net
a1.adform.net
s1.adform.net
c1.adform.net
7 MB
14 adnxs.com
ib.adnxs.com
secure.adnxs.com
adscale-emea.adnxs.com
acdn.adnxs.com
56 KB
12 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
12 KB
12 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
82 KB
11 bidswitch.net
grid.bidswitch.net
x.bidswitch.net
4 KB
11 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
4 KB
10 gumgum.com
g2.gumgum.com
rtb.gumgum.com
11 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
6 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
100 KB
7 adsrvr.org
match.adsrvr.org
2 KB
7 openx.net
thesource2-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
7 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
22 KB
6 de.com
s79.research.de.com
b60.s79.research.de.com
2 KB
6 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
22 KB
6 stickyadstv.com
ads.stickyadstv.com
5 KB
6 onesignal.com
cdn.onesignal.com
onesignal.com
img.onesignal.com
90 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
316 KB
5 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
2 KB
5 google.com
www.google.com
adservice.google.com
2 KB
4 indexww.com
js-sec.indexww.com
4 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 google-analytics.com
www.google-analytics.com
21 KB
3 everesttech.net
sync-tm.everesttech.net
875 B
3 districtm.io
dmx.districtm.io
cdn.districtm.io
317 B
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
3 google.de
www.google.de
adservice.google.de
1 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 tapad.com
pixel.tapad.com
887 B
2 rlcdn.com
id.rlcdn.com
api.rlcdn.com
326 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 e-planning.net
ads.us.e-planning.net
404 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 onetag-sys.com
onetag-sys.com
1 KB
2 facebook.net
connect.facebook.net
79 KB
2 googletagmanager.com
www.googletagmanager.com
72 KB
2 googletagservices.com
www.googletagservices.com
64 KB
1 mookie1.com
odr.mookie1.com
324 B
1 brand-display.com
dmp.brand-display.com
253 B
1 bidr.io
match.prod.bidr.io
430 B
1 turn.com
ad.turn.com
412 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
592 B
1 linkedin.com
px.ads.linkedin.com
599 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
377 B
1 deepintent.com
match.deepintent.com
44 B
1 fwmrm.net
1f2e7.v.fwmrm.net
460 B
1 crwdcntrl.net
id.crwdcntrl.net
903 B
1 id5-sync.com
id5-sync.com
531 B
1 2mdn.net
s0.2mdn.net
17 KB
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 loopme.me
csync.loopme.me
243 B
1 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
1 KB
1 a-mo.net
prebid.a-mo.net
143 B
1 lijit.com
ap.lijit.com
519 B
1 postrelease.com
exchange.postrelease.com
391 B
1 mailchimp.com
cdn-images.mailchimp.com
2 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 amazonaws.com
hb-thesource.s3.us-east-2.amazonaws.com
344 KB
0 demdex.net Failed
dpm.demdex.net Failed
381 67
Domain Requested by
65 thesource.com 1 redirects thesource.com
29 live.primis.tech thesource.com
live.primis.tech
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 video.primis.tech live.primis.tech
thesource.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
thesource.com
11 cm.g.doubleclick.net 6 redirects thesource.com
hb-thesource.s3.us-east-2.amazonaws.com
eu-u.openx.net
eb2.3lift.com
10 x.bidswitch.net 5 redirects thesource.com
ssum-sec.casalemedia.com
eb2.3lift.com
9 g2.gumgum.com hb-thesource.s3.us-east-2.amazonaws.com
9 fastlane.rubiconproject.com hb-thesource.s3.us-east-2.amazonaws.com
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
thesource.com
imasdk.googleapis.com
8 googleads.g.doubleclick.net thesource.com
8 ib.adnxs.com 1 redirects hb-thesource.s3.us-east-2.amazonaws.com
live.primis.tech
acdn.adnxs.com
7 eb2.3lift.com 2 redirects hb-thesource.s3.us-east-2.amazonaws.com
eb2.3lift.com
7 a1.adform.net imasdk.googleapis.com
thesource.com
7 match.adsrvr.org 1 redirects live.primis.tech
ssum-sec.casalemedia.com
thesource.com
hb-thesource.s3.us-east-2.amazonaws.com
eu-u.openx.net
eb2.3lift.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
thesource.com
6 ade.googlesyndication.com thesource.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eb2.3lift.com
6 ads.stickyadstv.com 5 redirects live.primis.tech
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
6 c.amazon-adsystem.com thesource.com
c.amazon-adsystem.com
live.primis.tech
5 fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 c2shb.ssp.yahoo.com hb-thesource.s3.us-east-2.amazonaws.com
5 fonts.gstatic.com fonts.googleapis.com
4 token.rubiconproject.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects thesource.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
hb-thesource.s3.us-east-2.amazonaws.com
4 js-sec.indexww.com live.primis.tech
ssum-sec.casalemedia.com
hb-thesource.s3.us-east-2.amazonaws.com
4 sync.mathtag.com 4 redirects
4 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
hb-thesource.s3.us-east-2.amazonaws.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
thesource.com
4 fonts.googleapis.com thesource.com
live.primis.tech
3 b60.s79.research.de.com thesource.com
3 s79.research.de.com 3 redirects
3 eu-u.openx.net hb-thesource.s3.us-east-2.amazonaws.com
eu-u.openx.net
3 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
3 pixel.rubiconproject.com thesource.com
3 csi.gstatic.com imasdk.googleapis.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 prebid-server.rubiconproject.com live.primis.tech
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 onesignal.com cdn.onesignal.com
3 www.google.com thesource.com
tpc.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects thesource.com
2 ads.creative-serving.com 2 redirects
2 c1.adform.net 1 redirects ssum-sec.casalemedia.com
2 us-u.openx.net eu-u.openx.net
2 pixel.tapad.com 2 redirects
2 acdn.adnxs.com live.primis.tech
hb-thesource.s3.us-east-2.amazonaws.com
2 mug.criteo.com thesource.com
2 gum.criteo.com 1 redirects
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 adx.adform.net live.primis.tech
2 sync.search.spotxchange.com 2 redirects
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 onetag-sys.com hb-thesource.s3.us-east-2.amazonaws.com
2 dmx.districtm.io hb-thesource.s3.us-east-2.amazonaws.com
2 htlb.casalemedia.com hb-thesource.s3.us-east-2.amazonaws.com
live.primis.tech
2 hbopenbid.pubmatic.com hb-thesource.s3.us-east-2.amazonaws.com
live.primis.tech
2 platform.twitter.com thesource.com
platform.twitter.com
2 pixel.quantserve.com 1 redirects thesource.com
2 www.google.de thesource.com
2 stats.g.doubleclick.net www.google-analytics.com
2 cdn.onesignal.com thesource.com
cdn.onesignal.com
2 connect.facebook.net thesource.com
connect.facebook.net
2 www.googletagmanager.com thesource.com
2 www.googletagservices.com thesource.com
1 ads4.admatic.com.tr 1 redirects
1 odr.mookie1.com s.console.adtarget.com.tr
1 googleads4.g.doubleclick.net thesource.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 rtb.gumgum.com thesource.com
1 cdn.districtm.io hb-thesource.s3.us-east-2.amazonaws.com
1 api.rlcdn.com hb-thesource.s3.us-east-2.amazonaws.com
1 id.rlcdn.com thesource.com
1 ads.yahoo.com thesource.com
1 s1.adform.net thesource.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 1f2e7.v.fwmrm.net 1 redirects
1 id.crwdcntrl.net live.primis.tech
1 id5-sync.com live.primis.tech
1 bid.g.doubleclick.net imasdk.googleapis.com
1 dis.criteo.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 bbnaut.ibillboard.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 image6.pubmatic.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 u.openx.net 1 redirects
1 adservice.google.de securepubads.g.doubleclick.net
1 img.onesignal.com
1 syndication.twitter.com platform.twitter.com
1 grid.bidswitch.net hb-thesource.s3.us-east-2.amazonaws.com
1 tlx.3lift.com hb-thesource.s3.us-east-2.amazonaws.com
1 prebid.a-mo.net hb-thesource.s3.us-east-2.amazonaws.com
1 thesource2-d.openx.net hb-thesource.s3.us-east-2.amazonaws.com
1 ap.lijit.com hb-thesource.s3.us-east-2.amazonaws.com
1 exchange.postrelease.com hb-thesource.s3.us-east-2.amazonaws.com
1 cdn-images.mailchimp.com thesource.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com thesource.com
1 hb-thesource.s3.us-east-2.amazonaws.com thesource.com
0 dpm.demdex.net Failed thesource.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
js.adscale.de
381 121

This site contains no links.

Subject Issuer Validity Valid
*.thesource.com
Go Daddy Secure Certificate Authority - G2		 2020-11-18 -
2021-11-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2021-03-24 -
2022-03-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-09 -
2021-11-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
cdn-images.mailchimp.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-27 -
2022-10-23		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
ads4.admatic.com.tr
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh

This page contains 40 frames:

Primary Page: https://thesource.com/
Frame ID: AAC0F5968694D523D060A3E75954AB87
Requests: 181 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fthesource.com
Frame ID: B56DF6D6FB0205BED7EE332968D62FA6
Requests: 2 HTTP requests in this frame

Frame: https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AEB7E863118C5D08766441B486F7C44D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 76608223EA4C35499DF1120D73731E15
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC453329C26C721EFF20E501361999C6
Requests: 2 HTTP requests in this frame

Frame: https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F4F59558017FE2E5864FEFA6E9BB87B
Requests: 1 HTTP requests in this frame

Frame: https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21C138B2B999E3351EF84013B9031EE0
Requests: 1 HTTP requests in this frame

Frame: https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A69E9902F0ED7A3CE36A7CF459738BE
Requests: 1 HTTP requests in this frame

Frame: https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4323A88008DFC1A271855A41B4282D05
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 94289FCAF52A73DB51609E116856917E
Requests: 34 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: BB61BC597FFF442350E4D6937F05BC63
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 3B7F21AA262D9E5C9E79CAE4F6EAC647
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=94&advUuid=b51d55dc-39e6-11ec-a7cf-1a3233820506
Frame ID: 685B56275DB876841D161DE41C543297
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=98&advUuid=58075d16-1ddd-079c-093a-138de63b3e43
Frame ID: CA2C2A00C391D0DDB12C4DEF2E10773F
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: EB25F7BF1EC32965EF9ACA693B7011D8
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=rLBFhaTYqF90bHBlgOyS&pi=admatic&tc=1
Frame ID: B15954A166B54C707B936FF9FF46D72B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 1F1FB37CDFFE0428AB8B6431950CCD1A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 631264D02866B3DE68FE4C4C9EA13C77
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 7D8111F82E58FF5C6EB18B8DE63780D0
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 9417A26E01B492E57C9D452175249F23
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 8B57000189527AF23610408A24105CB0
Requests: 7 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: A126663AC6B11EFAFC859083062B5B99
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: 2E55CE1704EF694EFC7054167090958B
Requests: 46 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 7940FA11C9050DCAE57F9E9464221246
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 892984D8103C788D0567C94DD7705FA1
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 21B6D81E6FBD8568775A03DBE0CDDEEA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: B413E6138415F2A4972536D315EE9FE7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8F03273A167E9338B750DEB37AE397C9
Requests: 10 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: B3974162BB9B977B1C649CE2D496088C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8C699ED46E6DE81F432CEF9FF2C26A64
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 236AA6CBEA496AA890F8C7BE5B229B20
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Frame ID: 7AD70C9F7D6BAE09580497C6DA64959F
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 311F99CEEC6E8949296376E8FC61C732
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635642356863
Frame ID: 921786E026959714D54262924FE8A09B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Frame ID: 1C9E0B998715D5D888D45D7C6871AB75
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2D5110E12FA92A39B7C04CA6A01B28DC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 53677877CEF8A3660CD88569F6DBBDCA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5F970FE50CE3BEAACBA1462AD33F620C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CAC0A2B2C7192558BAF7BC45C4EB60B2
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5EE6C7711F8FA72705E7C49D6A342DF0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://thesource.com/ HTTP 301
    https://thesource.com/ Page URL

Page Statistics

381
Requests

87 %
HTTPS

30 %
IPv6

67
Domains

121
Subdomains

90
IPs

15
Countries

17891 kB
Transfer

23098 kB
Size

102
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thesource.com/ HTTP 301
    https://thesource.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://sb.scorecardresearch.com/b?c1=2&c2=34210833&ns__t=1635642356250&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1635642356250&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9=
Request Chain 172
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=b51d5621-39e6-11ec-a7cf-1a3233820506 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=94&advUuid=b51d55dc-39e6-11ec-a7cf-1a3233820506
Request Chain 173
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=98&advUuid=58075d16-1ddd-079c-093a-138de63b3e43
Request Chain 186
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=93&advUuid=f7c80629-1073-49a4-8e57-a43b3dd0a656
Request Chain 187
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=99&advUuid=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
Request Chain 188
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=105&advUuid=1797836623355034328
Request Chain 210
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=rLBFhaTYqF90bHBlgOyS&pi=admatic&tc=1
Request Chain 211
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 218
  • https://ih.adscale.de/uu?cbfn=receive&t=1635642359 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1635642359&nut&uu=f98fd327af1b463bb7d085920b89edde
Request Chain 230
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=f98fd327af1b463bb7d085920b89edde&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=101&tpuid=BBID-01-03103563594690148-16434108
Request Chain 234
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=d8d1fbc412992878be3e887b43438a8a3cc3cfbce9186f5100b3b7d44ae96c89&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
Request Chain 236
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=75&tpuid=1797836623355034328&gdpr=0
Request Chain 239
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=ea77f8ab92b44388addf4b483711c18aaf1edb405c2df58b5e52de333034bffc&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YX3r9sc2gUbpCPEsKJuTXAAA%261180
Request Chain 241
  • https://track.adform.net/serving/cookie/match/?party=9&uid=9548ba956aa9663bf11fd6ac3416d39692bb101253c8e29312b1b465f8812e8c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9548ba956aa9663bf11fd6ac3416d39692bb101253c8e29312b1b465f8812e8c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=42&gdpr=0&tpuid=5648159648007441509
Request Chain 242
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=2b17d7e9971fc6092b5d66d24bbcf3c47b5186ca3b727322e19ab40a455f7525&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=71014a8a-7415-4985-97df-9e0e38448b37&gdpr=0
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=efafacda77b251bbd1d2736b5e1ff5e675aff003469c0e0804fac53b43369a8d&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
Request Chain 244
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=8cb5c79947b27a55aa2182c3af6aae76ae437b265088371790409255d884ff15&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=8cb5c79947b27a55aa2182c3af6aae76ae437b265088371790409255d884ff15&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/js?tpid=48&tpuid=481abcac45320921bb2bd04d8b1f53d8
Request Chain 248
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthesource.com%2F&domain=thesource.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Z3zns3xKWDMwbC9aQ3pKWXZoS2ZYRkFnNllxWDBBa296a3MvdkdZTnJqWlp0UG9FOU90QmVEb3hmRG1zMXFmT1lRcnc0dE44UFhtbjl5YWtPeldRMHdza1VRZWFPSGJiUEltQkZmMlg2NGZSVTVrRUYrV3lTRU5Nc1B4UHlKTHN5WldvaWNuSVZSSURqY0M5dE5rR0NicFFVQjRlcHFrU1dZays5VkY0a3p6U01QeTNDaDhSc1k0ZDQ5OFVEc3hoc0xTcGJNaGhLQUhsY1c0L2x1eWx2bnNKSUJQVTZ4Rzl3ZXZ5TUMvM0pBS1pvUllmaU9VbkNzTXBXd1pRUXk3UzFmZWtPNVFsUDJodm9VMDNhNjRXVU1nWDhMUT09fA&cppv=2
Request Chain 256
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3e85e1cacd50152a28e16abce2f30dd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g070_7025030444152589491 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=M2U4NWUxY2FjZDUwMTUyYTI4ZTE2YWJjZTJmMzBkZA==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENIGlLGNuhu93XSEjbNonTA&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=42c67c7c-2551-47a2-b8b1-c646ec192f1f HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1797836623355034328 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/3e85e1cacd50152a28e16abce2f30dd&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
Request Chain 262
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
Request Chain 263
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX3r9sc2gUbpCPEsKJuTXAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8CytBrvPF18H4_x4NPbZk&google_cver=1&gdpr=1
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
Request Chain 268
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=534d22b8-4c19-416b-9438-5016fdf12a1b&expiration=1667178360
Request Chain 280
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVEJ884V-Q-254P&sigv=1&esig=2~8f0fb6e6809438a12c66ebc833dd46557f86d8a9&gdpr=1
Request Chain 281
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZFSjg4NFYtUS0yNTRQ&gdpr=1
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d123617d-ebf7-4000-b9de-123c9cbe399a&expires=28
Request Chain 284
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/lsf1dGlDeogfXiJ8H-1NyQ?csrc=&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2711708518973686868
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&_test=YX3r_AAA5aMF6wAz HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YX3r_AAA5aMF6wAz&gdpr=1&_test=YX3r_AAA5aMF6wAz
Request Chain 286
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUxNzYyYjRhZDhmY2ZkM2MzODQzNjAxYzI2OTY0MGEwOTYwNWQ0OQ&gdpr=1
Request Chain 294
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 300
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=8d8ca382-7215-454c-944d-db3fe055fb88&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=8d8ca382-7215-454c-944d-db3fe055fb88&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=3f76c14e-64a0-4258-9a06-77b23687f4f7&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEALrpJyyi7MqIeh3axMKPUY&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEALrpJyyi7MqIeh3axMKPUY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1797836623355034328&opid=apx&ops=&utidl=tech:goo:CAESEALrpJyyi7MqIeh3axMKPUY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21933300780&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=6d01eb616b58e63cfef3ea1d0062d0ba&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 301
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=87c25a2a-f804-429f-91ad-a99abb86e6ad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=87c25a2a-f804-429f-91ad-a99abb86e6ad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Request Chain 303
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1797836623355034328
Request Chain 306
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d123617d-ebf7-4000-b9de-123c9cbe399a
Request Chain 307
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k33lWsAutAqIeuEHxin_CJR061-IdeEGlHosDbpp
Request Chain 308
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5648159648007441509
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOgZoLFPrQ6BpTDbyuG7Gls&google_cver=1
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL8E57WwqnVUtYlaeuswlVk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 314
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyODAxOTI5NTk5NDUxMTQyNTg%3D
Request Chain 316
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14280192959945114258?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-A3uyTqZE2oR9PlA7NOpk16GTqki8xvepJD5kAOIOHQ--~A&dongle=0883
Request Chain 319
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14280192959945114258 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14280192959945114258&dcc=t
Request Chain 320
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 321
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8412288169538698134&dongle=d407
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
Request Chain 328
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
Request Chain 348
  • https://s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=1&dur=0&swf=0&tm=1&gdpr=&gdpr_consent= HTTP 302
  • https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=1&dur=0&swf=0&tm=1&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Request Chain 358
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=87c25a2a-f804-429f-91ad-a99abb86e6ad&ssp=admatic&gdpr=&gdpr_consent=
Request Chain 369
  • https://s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=25&swf=0&tm=53205&gdpr=&gdpr_consent= HTTP 302
  • https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=25&swf=0&tm=53205&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=87c25a2a-f804-429f-91ad-a99abb86e6ad HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=87c25a2a-f804-429f-91ad-a99abb86e6ad HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=19ab0e4e-3412-4418-983a-1e2a467ef4f5&ssp=admatic&expires=30&user_group=5&bsw_param=87c25a2a-f804-429f-91ad-a99abb86e6ad HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=87c25a2a-f804-429f-91ad-a99abb86e6ad&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=87c25a2a-f804-429f-91ad-a99abb86e6ad&dsp_uuid=&dsp_id=
Request Chain 377
  • https://s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=50&swf=0&tm=51561&gdpr=&gdpr_consent= HTTP 302
  • https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=50&swf=0&tm=51561&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F

381 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thesource.com/
Redirect Chain
  • http://thesource.com/
  • https://thesource.com/
221 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
9085ca362d6d0358ed186ba3c7832868b039c9e613c5a00abf923b5adad3cda0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 31 Oct 2021 01:05:55 GMT
content-type
text/html; charset=UTF-8
x-sucuri-id
22017
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://thesource.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
vary
Accept-Encoding,User-Agent
referrer-policy
no-referrer-when-downgrade
x-sucuri-cache
MISS

Redirect headers

Server
Sucuri/Cloudproxy
Date
Sun, 31 Oct 2021 01:05:54 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
230
Connection
keep-alive
X-Sucuri-ID
15017
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Location
https://thesource.com/
Cache-Control
max-age=3600
Expires
Sun, 31 Oct 2021 02:05:54 GMT
X-Sucuri-Cache
EXPIRED
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1029 / 588 of 1000 / last-modified: 1635545117"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27325
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 01:05:55 GMT
prebid.js
hb-thesource.s3.us-east-2.amazonaws.com/new/ 		344 KB
344 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.98.106 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
98ffd2e9ead379b7984557941a347bcf03792ac13a60782f1df3fbafa2b8cfe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:05:57 GMT
Last-Modified
Tue, 26 Oct 2021 06:24:39 GMT
Server
AmazonS3
x-amz-request-id
J28CQ340X35RHSBB
ETag
"be2d227198191cb83a4d39f294d2b644"
Content-Type
application/javascript
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
Content-Length
351768
x-amz-id-2
WJS17nEftbAuLTtFDRHaw6UA0YSuWMYPvv2+lN6PzwQW0kdfMgf8vX5+0ryfNsO4DBDpAHt2CDM=
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-63798235-1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c95cc4a9f22bde75b987558e15ab8e9f1bc3f3ca67eb153ad273c38bf0d0bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35718
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Oct 2021 01:05:55 GMT
sfm_style.css
thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/sfm_style.css?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
dbe1bae9ac7d036a9652e5b014e300eb127e176460b1a9c5ac2db778e899b97a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3184
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:19:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24c1074-3ad3-5bb344152cb88-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sfm_widgetStyle.css
thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/ 		1004 B
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/sfm_widgetStyle.css?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
1c5e854ffb860ade7b6e01352612340dd82858360c56bec6af9e12acc924b538
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
378
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:19:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24c1073-3ec-5bb344152cb88-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
thesource.com/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7849
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 02:49:53 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425684-c88a-5bbf7f90a8b15-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gutenslider-blocks.style.build.css
thesource.com/wp-content/plugins/gutenslider/dist/ 		32 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/gutenslider/dist/gutenslider-blocks.style.build.css?ver=1611875587
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0060af55b40b80f184a0e97d6d426a78b4662c10830484105a91d1b10f94f3c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3484
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jan 2021 23:13:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2480be9-7e66-5b9fe07ca38c8-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
dashicons.min.css
thesource.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/css/dashicons.min.css?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
35730
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Apr 2021 18:49:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425739-e688-5c00753db6814-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cursor.css
thesource.com/wp-content/plugins/animated-typing-effect/assets/css/ 		476 B
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/animated-typing-effect/assets/css/cursor.css?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
a8f0cdba9af9734e31aa748a0953c3fd806d5ea2aa37d9bfebe494cd7f707ae6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
147
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:20:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2860d2e-1dc-5bb3443fe6988-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
codeboxrflexiblecountdown-public.css
thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/css/codeboxrflexiblecountdown-public.css?ver=1.8.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
b55bb81e3860986b9367a08c2d606ccce55724e6b3e72b983047da6d107f9758
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1418
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Sep 2020 21:34:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa073a-3765-5afd99c62b211-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
thesource.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
730
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 26 Dec 2020 23:26:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa01e4-780-5b7665f2942a0-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
morph.css
thesource.com/wp-content/plugins/morph-by-bonfire/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/morph.css?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
2259195eb1777a95ed2cf096f110800af53b0168aecd81673fb2a09802b0b364
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6102
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d8-925b-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&ver=1.0.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 23:11:30 GMT
server
ESF
date
Sun, 31 Oct 2021 01:05:55 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 31 Oct 2021 01:05:55 GMT
font-awesome.min.css
thesource.com/wp-content/plugins/morph-by-bonfire/fonts/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/fonts/font-awesome/css/font-awesome.min.css?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7053
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600c7-7918-5b911920d104f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.css
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		2 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
570
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158d-62b-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
recent-post-style.css
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
31197c647656a22836cab642095b18602ae852b7a291188d677a0b4eea5a35e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2436
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2881590-3aa5-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.css
thesource.com/wp-content/plugins/google-analytics-premium/assets/css/ 		36 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/google-analytics-premium/assets/css/frontend.min.css?ver=7.16.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
d98d7bdfe0f9ac78ec9ab3274b04e5663ef132767c4014ca899c820634b3f204
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2914
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Mar 2021 05:42:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"292047f-8f1f-5bcaf6e847163-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-1020px.css
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/ 		208 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/style-1020px.css?ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0f63aebd33fe2858a5adc1469a271140e176e701fad42c8db359c5e7e77aee59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30740
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e407dd-34125-5a70e0d826ac2-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic%7CKarla%3A400%2C700%2C400italic&subset=greek%2Cgreek-ext&ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70856655dc5694a825c6bc9126f48e52fa3d0e3270604e64fc122076f9739451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 01:05:55 GMT
server
ESF
date
Sun, 31 Oct 2021 01:05:55 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 31 Oct 2021 01:05:55 GMT
font-awesome.min.css
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/font-awesome.min.css?ver=4.3.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5443
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e407f2-5cbb-5a70e0d826ac2-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend-gtag.min.js
thesource.com/wp-content/plugins/google-analytics-premium/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=7.16.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
4da93c4c460686e5b52aebf600360f6aa476d4953fd1194010f1918ad6907308
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2796
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Mar 2021 05:42:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"29204bf-23c0-5bcaf6e848104-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
thesource.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30916
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Dec 2020 02:42:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"15419fd-15d98-5b663986e5ab1-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
thesource.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4169
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Dec 2020 02:42:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425c99-2bd8-5b663986e5ab1-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
morph-accordion.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		2 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/morph-accordion.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
1b4d9184b3010223e94829223441cd37e850f296f893982756a478a736b590a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
505
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d7-65a-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr.custom.min.js
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/modernizr.custom.min.js?ver=2.6.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6221
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e40839-3b16-5a70e0d827a63-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
110
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1EMGRY4PN3BBTHPQ3FQ5
date
Sun, 31 Oct 2021 01:04:06 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_RP3KNduwbQazNM25B774gl8q7cuFQwp3uCRFsOhi8lg4CMwSGUk0w==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4439fc742b82f9cbec7e121338dc9478db865ad5c0d95c6ea0f311943f88d18d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
8hQoY+WtPtVg8o/Rl1zmdg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
ZUQ5a8S9UWrxByRjFYWbfKV7GaR6reLOEkLxvkKLXE5CHuAG2tOAteCmD64DdgI/1qZpWAM8DsoUvfRzwUMYSw==
x-fb-trip-id
686109401
x-fb-content-md5
ac97f5ab24729e42c3b14a5478989c97
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 31 Oct 2021 01:05:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e12b66b08c628297a7bf53d9db7dbc15"
timing-allow-origin
*
expires
Sun, 31 Oct 2021 01:17:25 GMT
pubads_impl_2021102701.js
securepubads.g.doubleclick.net/gpt/ 		353 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121586
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 08:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 01:05:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		203 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thesource.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7c686f822d5dd41c8b26d0e637926eec6fa9dad55311250292f8164fdaff5d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
expires
Sun, 31 Oct 2021 01:05:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63798235-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
3922
date
Sun, 31 Oct 2021 00:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 31 Oct 2021 02:00:34 GMT
wp-emoji-release.min.js
thesource.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4662
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 02:49:11 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425d67-3795-5ba79bf963d39-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
source_logo_.svg
thesource.com/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/source_logo_.svg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
7c000e1bbe3d84a70b062afb26a85fee789771b492d23c40c7be77a8cdaf84cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1390
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
etag
"14200e8-d75-598cf3a31057c-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
0-3-screenshot.png
thesource.com/wp-content/uploads/2021/10/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/0-3-screenshot.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
f509f832e10ff7e4224b8b07ed86a49d5a696e226f35d08d14c2106355f4900e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1113285
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Oct 2021 04:49:07 GMT
server
nginx
etag
"182ed2e-10fcc5-5cf4e5071f337"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
unnamed-3-6.jpg
thesource.com/wp-content/uploads/2021/10/ 		1018 KB
1020 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/unnamed-3-6.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
ed437a1fb95ad79f6df72602854eb2a02104d41adf8eedcc65a701d995c1bdbb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1042507
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Oct 2021 03:33:35 GMT
server
nginx
etag
"182ecbd-fe84b-5cf4d4250c3fb"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
lilnasxindustrybaby.jpg
thesource.com/wp-content/uploads/2021/07/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/07/lilnasxindustrybaby.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
eeda51c9c143717927f38b676240b491201f8833a985eec48a5e8b1b532c2f29
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
57906
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Jul 2021 03:39:51 GMT
server
nginx
etag
"1826085-e232-5c785ce68d921"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Kevin-Hart-is-Recovering-from-a-Successful-Back-Surgery-Following-Major-Car-Accident.jpg
thesource.com/wp-content/uploads/2019/09/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2019/09/Kevin-Hart-is-Recovering-from-a-Successful-Back-Surgery-Following-Major-Car-Accident.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
2625382d95e280866378667c65993970def7182a834d1ed7422529d81a9c7a63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
38830
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 22:07:51 GMT
server
nginx
etag
"17c4fab-97ae-597a62db92775"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
harder-they-fall.jpeg
thesource.com/wp-content/uploads/2021/10/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/harder-they-fall.jpeg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
71de7869bf749d2801e84c0b1c257a69558009c9799dfd5ad64875e754a2448e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
134730
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Oct 2021 04:23:09 GMT
server
nginx
etag
"182f0b9-20e4a-5cf762f40fc78"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
BlocboyJB-DDNC-copy.jpg
thesource.com/wp-content/uploads/2021/10/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/BlocboyJB-DDNC-copy.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
4ec8994755e6258ff36e86dba18c1b326baff91ca961960815c5e5376c442445
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1598292
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:36:39 GMT
server
nginx
etag
"182f291-186354-5cf948c526477"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
unnamed-9.png
thesource.com/wp-content/uploads/2021/10/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/unnamed-9.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
22d994a0c42f5a48362fd5eadac6762403c7addbd8e8b0d9025e067dff4679ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1590103
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:31:33 GMT
server
nginx
etag
"182f280-184357-5cf947a085700"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TheSource-scaled.jpg
thesource.com/wp-content/uploads/2021/02/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/02/TheSource-scaled.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
91937d656c2490512dc253c12ca1119bb6612654aff5cdf93d857db973fbc0bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
81236
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Feb 2021 20:33:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1844291-13d54-5bbf2b8950b3d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TSSDownload.jpg
thesource.com/wp-content/uploads/2021/02/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/02/TSSDownload.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cb6c93ae56be1b80e9734a2e323c1f081735f4ae7ddc2f99b24ce7dba15b2364
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
135121
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Feb 2021 20:42:53 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"18442a8-20fd1-5bbf2d898d441"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.js
thesource.com/wp-content/plugins/gutenslider/src/vendor/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/gutenslider/src/vendor/slick/slick.min.js?ver=1611875587
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
10442
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jan 2021 23:13:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2480bf9-a76f-5b9fe07ca4868-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gutenslider.js
thesource.com/wp-content/plugins/gutenslider/dist/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/gutenslider/dist/gutenslider.js?ver=1611875587
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
00bcc95e057fdbf8afa5fa49ef756cc654084b619188c64f0249064b141b8ffb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3674
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jan 2021 23:13:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2480be7-3411-5b9fe07ca38c8-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
typed.js
thesource.com/wp-content/plugins/typing-animation-block/vendor/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/typing-animation-block/vendor/typed.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
bc91070943a905f7972cf01972b38c24d80edf9c789eeaeb348fb6ee1a9e0da0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7296
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"28c0a3d-8039-5bb3447193d41-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.js
thesource.com/wp-content/plugins/typing-animation-block/src/ 		852 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/typing-animation-block/src/frontend.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
bd45626491501bb2353467354cafb6c8256e75252c036050282ee97fae6709f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
492
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"28c0a4c-354-5bb3447193d41-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
typed.js
thesource.com/wp-content/plugins/animated-typing-effect/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/animated-typing-effect/assets/js/typed.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
561cee3ce7c56f84f342daeef6d3be53a01f09375f48f915b006779a62852dc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4136
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:20:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2860d39-3cff-5bb3443fe6988-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
typed.fe.js
thesource.com/wp-content/plugins/animated-typing-effect/assets/js/ 		729 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/animated-typing-effect/assets/js/typed.fe.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
65fde5fc0a0151d33bea0bfc69398048f6037da276705d396761015b31ccba84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
361
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:20:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2860d36-2d9-5bb3443fe6988-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
codeboxrflexiblecountdown-public.js
thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/js/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/js/codeboxrflexiblecountdown-public.js?ver=1.8.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
59545507a40fa184e27f685a5448e2094a921c354e35ba46ca778ea64ac88944
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
33125
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Sep 2020 21:34:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa0743-1f714-5afd99c62b211-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
thesource.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3951
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 26 Dec 2020 23:26:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa020b-37c8-5b7665f2942a0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
morph.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/morph.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
caecb1bf35e6ff8a91bf2e2a4837660e00c399d0d8692466a371373e54b90f75
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
728
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d6-1506-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
search.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		2 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/search.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
fa48f7a91f25c7a1888f23288d2d8eec1b8c8e3bb92333b8a10b565b207c2375
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
456
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d5-873-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
retina.min.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/retina.min.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
081ac47ebc414943049836ff8e1b06aceb20c1c27419aa8807f55f88e8dfa29b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
764
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d4-5ec-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.scrollbar.min.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/jquery.scrollbar.min.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cf2495ac055ca7ea80df330c2c0ea6d62babff156be8ff1645fcc2e2fa310c63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4089
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d1-2ff3-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter-widgets.js
thesource.com/wp-content/plugins/easy-twitter-feed-widget/js/ 		486 B
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/easy-twitter-feed-widget/js/twitter-widgets.js?ver=1.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
d4a629c0feed21954dc06ea0116241bc40b7148d3cfc8ea9e6840b087773a132
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
315
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 22:08:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1900392-1e6-597a62f75ef0c-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.ext.js
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/jquery.ext.js?ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
6ce3e020c5780b72d4a2aedd976cb668228ce2bb789c46dd46b19034f5504138
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
26056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e4083a-137b4-5a70e0d827a63-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cb-scripts.min.js
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/cb-scripts.min.js?ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
6c9cac9b30dca2e7eeb9e9690b1bf8fb56416ac5e03f7a85f47d99c4a31df50c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5051
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e40837-4280-5a70e0d827a63-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
thesource.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/wp-embed.min.js?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
765
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 02:49:11 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425c6a-592-5ba79bf963d39-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.5
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
324
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a68fa55ded0440d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 03 Nov 2021 01:05:56 GMT
slick.min.js
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/slick.min.js?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
10442
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2881593-a76f-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wppsac-public.js
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/wppsac-public.js?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
9f9adf40b90518185af5c536daeb039f575aef8f3bd5ef42c020c418ba799b9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1467
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2881594-2268-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 02:29:30 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
81387
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
ufwiFkCdx-kBiA0XxGWTKLO-_cVvHJ2KPJZJWtsMp-OCZkI5kHfBfQ==
gtm.js
www.googletagmanager.com/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTN2Q9
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
720ec95d60006f7535e2c3307783d368e5eb8147c971bf818cfd2c431b41e65c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37442
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Oct 2021 01:05:56 GMT
/
thesource.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
link
<https://thesource.com/wp-json/>; rel="https://api.w.org/"
expires
Thu, 19 Nov 1981 08:52:00 GMT
source-logo_no-tag-NEW-CLASSIC.png
thesource.com/wp-content/uploads/2021/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/04/source-logo_no-tag-NEW-CLASSIC.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
5164bd05af39d3bfd75b96ecd577ea9e30ffd45f4249765dced7de4363559e3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
14879
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 16:28:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"19035ea-3a1f-5bfc90033011b"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v15/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic%7CKarla%3A400%2C700%2C400italic&subset=greek%2Cgreek-ext&ver=5.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 09:05:21 GMT
x-content-type-options
nosniff
age
316835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29268
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:11:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 09:05:21 GMT
fontawesome-webfont.woff2
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/font-awesome.min.css?ver=4.3.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/font-awesome.min.css?ver=4.3.0
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
56777
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e407f7-ddcc-5a70e0d826ac2-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff2
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic%7CKarla%3A400%2C700%2C400italic&subset=greek%2Cgreek-ext&ver=5.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 20:36:57 GMT
x-content-type-options
nosniff
age
188939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 20:36:57 GMT
sdk.js
connect.facebook.net/en_US/ 		271 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9f3f24c381bcd8e96ac574d0a6d1992a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f677da7121af31d9967b282fe0b1a91b0b04158e376860bc0b78250af30efff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thesource.com/
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YzXmyZO5ttjwPrVrpdovyA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78154
x-fb-rlafr
0
x-fb-debug
vIzbFEDIT/ZNQTmjJZquVEoNpg5khZiVGLaw7uMKUeFwg19oxCOYn70mjPbJ3qfh6SJbdCDrIQsmat5H+P5Nng==
x-fb-trip-id
686109401
x-fb-content-md5
937878eb0cc7f029a17a614769a200a7
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 31 Oct 2021 01:05:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"85678bf3a22142856cfcd6d12fc1c348"
timing-allow-origin
*
expires
Sun, 30 Oct 2022 23:30:04 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
etag
"f5gpBRZmwYYTVm3LkZ0l2w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 07 Nov 2021 01:05:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
290055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 16:31:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 02:46:35 GMT
x-content-type-options
nosniff
age
166761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 02:46:35 GMT
lilnasxindustrybaby-360x240.jpg
thesource.com/wp-content/uploads/2021/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/07/lilnasxindustrybaby-360x240.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0131c747444baa95b7ed4d911e5646fde99602be0b61638bf5eb569726663846
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
11098
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Jul 2021 03:39:51 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182608c-2b5a-5c785ce6e288d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
harder-they-fall-750x400.jpeg
thesource.com/wp-content/uploads/2021/10/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/harder-they-fall-750x400.jpeg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
465f48f07b60f99f39bb4c77f226e52689f26f370d652558754219b3702f1257
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:55 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
35130
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Oct 2021 04:23:11 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182f0c8-893a-5cf762f5bb877"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:38:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 31 Oct 2021 01:38:41 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=34210833&ns__t=1635642356250&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Ft...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1635642356250&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2F...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1635642356250&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
13.32.99.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
GrHtVA1ApcDC-Gtd7P2BRFd89vnd8QNmqHuT8jIU-YZZpgZ2Cv9-9g==

Redirect headers

date
Sun, 31 Oct 2021 01:05:56 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1635642356250&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9=
content-length
239
x-amz-cf-id
3HCW4hQWHUWo1gsJHqGfLXtFqoFLaBQs6jkdL9qz5FOBzECwRBWCig==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1544
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a68fa587a06440d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 03 Nov 2021 01:05:56 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthesource.com%2F&pubid=52aaa0c8-2bfb-4323-8ca3-0f0fe48aaf4d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 21:05:24 GMT
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
server
Server
age
14431
x-cache
Hit from cloudfront
access-control-allow-origin
https://thesource.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
Wa4A5uAsl8YbDbyc9SU-AoeaVLC-iizaMWlubF4dzW20q1GPuoxj4g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
81211
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sat, 30 Oct 2021 02:32:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
bhvw9J6MMnEExoed1j2hAXZ0dzOdUR8xM9NDwcNu7DJARSxNDP261A==
rules-p-LZP_7FJpfuC2Z.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-LZP_7FJpfuC2Z.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3954c079cedc82e8ddac1125c3867f78b5ea5df0059c11e3f6834246f3b35b98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:34:42 GMT
content-encoding
gzip
age
2866
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 05 Jan 2018 16:04:56 GMT
server
AmazonS3
etag
W/"025943522efe6e2f31c0bf63be082b07"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
m6euDw946soTYaYqOAhRO9P5fbuE9QHT3PKXDST_9hr1TTYO5PP_Tg==
collect
www.google-analytics.com/j/ 		2 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=452735977&t=pageview&_s=1&dl=https%3A%2F%2Fthesource.com%2F&ul=en-us&de=UTF-8&dt=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=596407756&gjid=1932872840&cid=26038121.1635642356&tid=UA-63798235-1&_gid=1863689432.1635642356&_r=1&gtm=2ouar0&did=dZGIzZG&z=1195858103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-63798235-1&cid=26038121.1635642356&jid=440615183&gjid=1879849256&_gid=1863689432.1635642356&_u=aGDAgUIhAAAAAG~&z=976021920
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 31 Oct 2021 01:05:56 GMT
content-type
text/plain
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=452735977&t=pageview&_s=1&dl=https%3A%2F%2Fthesource.com%2F&ul=en-us&de=UTF-8&dt=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUIhAAAAAC~&jid=440615183&gjid=1879849256&cid=26038121.1635642356&tid=UA-63798235-1&_gid=1863689432.1635642356&gtm=2wgar0NTN2Q9&z=1670441872
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 09:50:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54922
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-63798235-1&cid=26038121.1635642356&jid=596407756&gjid=1932872840&_gid=1863689432.1635642356&_u=aGBAAUIgAAAAAC~&z=1661370727
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 31 Oct 2021 01:05:56 GMT
content-type
text/plain
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63798235-1&cid=26038121.1635642356&jid=440615183&_u=aGDAgUIhAAAAAG~&z=2120946536
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63798235-1&cid=26038121.1635642356&jid=440615183&_u=aGDAgUIhAAAAAG~&z=2120946536
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63798235-1&cid=26038121.1635642356&jid=596407756&_u=aGBAAUIgAAAAAC~&z=2116333787
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63798235-1&cid=26038121.1635642356&jid=596407756&_u=aGBAAUIgAAAAAC~&z=2116333787
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=765085139;labels=title.The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%20Culture%20and%20Politics;rf=0;a=p-LZP_7FJpfuC2Z;url=https%3A%2F%2Fthesource.com%2F;uh=e51ed67dfb8d91dc24b...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=765085139;labels=title.The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%20Culture%20and%20Politics;rf=0;a=p-LZP_7FJpfuC2Z;url=https%3A%2F%2Fthesource.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1493024277-1635642356388;pbc=;ns=0;ce=1;qjs=1;qv=bb78f58d-20211025154311;cm=;gdpr=0;ref=;d=thesource.com;je=0;sr=1600x1200x24;dst=0;et=1635642356388;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%252CCulture%20and%20Politics%2Cdescription.The%20Magazine%20of%20Hip%20Hop%20Music%252CCulture%20and%20Politics%2Curl.https%3A%2F%2Fthesource%252Ecom%2F%2Csite_name.The%20Source
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/easy-twitter-feed-widget/js/twitter-widgets.js?ver=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:05:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/674D)
Age
16
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
ajax-loader.gif
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ajax-loader.gif
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4178
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158f-1052-5bb3445c8dcee"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow-left.png
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		441 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/arrow-left.png
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
144dfc7f3c8315d272c4dc03429633b1b6766e898302f6ff059e7df0cf8c9021
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
441
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158a-1b9-5bb3445c8dcee"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow-right.png
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		433 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/arrow-right.png
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cab8a95ca8e2bf48b0f4e16f3b1298fbb408d416e575b6bb0b766a48d6ec7e45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
433
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158c-1b1-5bb3445c8dcee"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
classic-081711.css
cdn-images.mailchimp.com/embedcode/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-081711.css
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6f4e220da1d394544fa342b883483af7f0294f92a7c988f6606ae78775d6aba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Oct 2021 14:00:50 GMT
Content-Encoding
gzip
Age
39907
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 18 Aug 2011 14:29:34 GMT
Server
AmazonS3
ETag
W/"d813facc50cef75301d8b012379bb198"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-meta-s3fox-filesize
3553
x-amz-meta-s3fox-modifiedtime
1313677757000
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
VJ1wbitaiiGPaYZwB6L3aTCjvciQ0kJdx4NIDtX2e9VeYWEpnheprw==
BlocboyJB-DDNC-copy-360x240.jpg
thesource.com/wp-content/uploads/2021/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/BlocboyJB-DDNC-copy-360x240.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0285974cab4bcfd3b5d988c76243d60534d5232e37ed767a09aa883490ac9d16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
22518
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:36:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182f29e-57f6-5cf948c83582a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
unnamed-9-360x240.png
thesource.com/wp-content/uploads/2021/10/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/unnamed-9-360x240.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
79dc23697a4e2dbe616963984e4b344afbaa0ce0461fce7ddce32cd38595a138
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
102726
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:31:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182f289-19146-5cf947a363d6b"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
LeanneLeuterio-DaBaby-Day1-6689-750x400.jpg
thesource.com/wp-content/uploads/2021/10/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/LeanneLeuterio-DaBaby-Day1-6689-750x400.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
e6842f7c77bbbd05627f35fe95c4dbcad96618ff9fab1ef979045542ab0c3b18
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
40903
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:22:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182f21e-9fc7-5cf9459a852ca"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
unnamed-1-10-360x240.jpg
thesource.com/wp-content/uploads/2021/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/unnamed-1-10-360x240.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
341d60978be773324efc5675af22bf12fc60184826da150273899f267b4b00ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
19621
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:15:49 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182f188-4ca5-5cf9441c4cf2a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Screen-Shot-2021-10-30-at-12.14.17-PM-360x240.png
thesource.com/wp-content/uploads/2021/10/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/Screen-Shot-2021-10-30-at-12.14.17-PM-360x240.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
03f7699bbe17a575f73f368f2281dce304d2e0057c4a73c5963bd70b44d82003
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
155622
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 16:15:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"182f178-25fe6-5cf943f1d5764"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Ice-Cube-750x400.jpeg
thesource.com/wp-content/uploads/2021/10/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/10/Ice-Cube-750x400.jpeg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
b13ff92eca1c43f596132ca152d3d9b0ff6bb631645113fde351cdd5dda3a5b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
38976
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Oct 2021 14:40:17 GMT
server
nginx
etag
"182f16d-9840-5cf92ec21408b"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
22017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
web
onesignal.com/api/v1/sync/d4d4d594-0c3c-437a-8284-31682a5932cb/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d4d4d594-0c3c-437a-8284-31682a5932cb/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bde834c9180505956402b7376a27f66509c5d4ec1fcc5f4376b7de5b2b028ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1412
cf-polished
origSize=3369
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3c86ed89-c300-4622-a115-dd874194b0cd
x-runtime
0.025369
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3b69fdf3cbe9cac4aa1d4aacca0c1420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6a68fa595b60440d-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 31 Oct 2021 02:05:56 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame B56D 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fthesource.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
788643
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 31 Oct 2021 01:05:56 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthesource.com%2F&pid=2dJgQRY8udgVt&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_A%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_B%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_C%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_D%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_A%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_B%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_C%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_D%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_E%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Outstream%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Adhesion%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FUndertone_Test%2FUndertone_BrandReveal%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FUndertone_Test%2FUndertone_PageGrabber%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%221000x300%22%5D%2C%22sn%22%3A%22301775111%2FAdventive_Test%2FAdventive_1000x300%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%221045x381%22%5D%2C%22sn%22%3A%22301775111%2FAdventive_Test%2FAdventive_1045x381%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%221900x196%22%5D%2C%22sn%22%3A%22301775111%2FAdventive_Test%2FAdventive_1900x196%22%7D%5D&pubid=52aaa0c8-2bfb-4323-8ca3-0f0fe48aaf4d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
NXV75BT4DQRJG8FNBVXB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
eatzcSyQ7Ev-5wFUw08S4em85xe3v9FpaQhTqtjbuey1XQzT-CEXVQ==
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesource.com
date
Sun, 31 Oct 2021 01:05:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
exchange.postrelease.com/ 		0
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1132776,1132784,1132785,1132786,1132780,1132781,1132782,1132783&ntv_pb_rid=1127c22b0dff3af&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9BIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbOTcwLDkwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9CIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9DIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9EIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbOTcwLDkwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9TaWRlYmFyX0IiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19LHsiYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9DIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19LHsiYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9EIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19LHsiYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9FIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX0xlYWRlcmJvYXJkX0EiOjAsImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfTGVhZGVyYm9hcmRfQiI6MCwiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9DIjowLCJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX0xlYWRlcmJvYXJkX0QiOjAsImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9CIjowLCJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX1NpZGViYXJfQyI6MCwiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9TaWRlYmFyX0QiOjAsImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9FIjowfQ==&ntv_url=https%3A%2F%2Fthesource.com%2F
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.208.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-208-127.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://thesource.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026936&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=77dcd86e-b69a-47bb-8a55-422ebb1c9231&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7672214921357412
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d349192a05badf9209a0502404030308b07c0a4fe2d3f2112c38c9b1b4ca9a72

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026950&size_id=2&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=469b92ed-0ea8-4aef-907f-e03c7f1da5bf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30301286006017025
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9955ff5b4d6f476d52f790fc49c6fcdbe661b9d3b10497fad0647f1805041840

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026952&size_id=2&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=7c632025-1728-49ce-bf91-e544112415db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.013735597252047205
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6c5334b0af6f781d81198801f4f3e64484efef498bf4ababcb6ba38d5d1e7dc4

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1822
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026946&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=d5ab0b53-465d-4331-80f4-ed6bc2021c7d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22173529436610373
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2f0a2bb3afae151ec84e77031546e8e64126576f6ad0cb2d59305c9763001a7a

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026938&size_id=15&alt_size_ids=10&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=abb3000a-dc28-4447-9de6-fb1b8b4c52d0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08849062671792773
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3f59107ac558e710b1f23fdd902ff71148f023ad12c480d4f26b35fea16f3f17

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026940&size_id=15&alt_size_ids=10&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=7b344aa5-65f5-4f50-ac10-59685c2d01aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5997697971440836
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
19aa16dbbf9b2726e7d4cabb35388d7e3cdae04c8debb75db795a7b08368d584

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026942&size_id=15&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=11b15ded-9232-4cbb-820d-72491d81e260&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11569614089209512
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3e7594a1fd86143e012cd8f373b17d0db7377a7ef18ee8803233eb5c222dd32b

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026944&size_id=15&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=a364fe32-cd59-44f3-b772-96df18beafa3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7574756471393498
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
665de0a395fad95f633e4ce2b6340c1b1d5ef0384ace44bd97f3d0f2e489f265

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026948&size_id=15&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=e9df74a9-add5-4ed8-aa31-e8ca4b50443b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.814123993793485
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9c232bf6a9ee129f2099fd572ecf9cc3be37b7c7f6d5c80165b9a20136a102d0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		25 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4e243bb5239106bc8d70d2507d95f55e905e88f5bb3cf019bcc71e2b105730ae

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 31 Oct 2021 01:05:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thesource.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
arj
thesource2-d.openx.net/w/1.0/ 		172 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thesource2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthesource.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=77dcd86e-b69a-47bb-8a55-422ebb1c9231%2C7c632025-1728-49ce-bf91-e544112415db%2Cabb3000a-dc28-4447-9de6-fb1b8b4c52d0%2C11b15ded-9232-4cbb-820d-72491d81e260%2Ca364fe32-cd59-44f3-b772-96df18beafa3&nocache=1635642356738&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&aus=728x90%2C970x90%7C728x90%7C300x250%2C300x600%7C300x250%7C300x250&divids=div-gpt-ad-TheSource_Desktop_Leaderboard_A%2Cdiv-gpt-ad-TheSource_Desktop_Leaderboard_C%2Cdiv-gpt-ad-TheSource_Desktop_Sidebar_A%2Cdiv-gpt-ad-TheSource_Desktop_Sidebar_C%2Cdiv-gpt-ad-TheSource_Desktop_Sidebar_D&aucs=%2C%2C%2C%2C&auid=543961637%2C543961648%2C543961651%2C543961668%2C543961673
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
7d736959634720b88a1f3eeaaef3f6f64c82913e39b96ce45eb408a1a37c3be8

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thesource.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_leaderboard_a&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1198778c5f1ca6f8744178ab376cd8a11e2762ced950157042f3af6886417e3d

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_leaderboard_c&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7eff15bd438824a844232923429d12d6f712bcd3b96b187b81f4cc322049f753

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_sidebar_a&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
32eb18e44992225dae7868495be9c5cd91eeddf19d4463d23524eb61d6a71c1a

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_sidebar_c&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6f75979e904437304463f1515cba4cfd887f21239fc5a985a84c45a33378cb00

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_sidebar_d&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ec80cb1e2bb63b09a70521d1fcfe8bff5c899a04ce6338d4b551387c268893d9

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277002&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225472de69445f77b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthesource.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%225.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255c894d112655ee%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277002%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277002%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225672437b90133da%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277008%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22578bcc146237c72%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277009%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22587ce7e90ad1f43%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277010%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277010%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2259904d5acecdb85%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277003%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22277003%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22602fe7a5869ac06%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277004%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22277004%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22618a74fbbfdd83e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277005%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2262fffaac600b3a9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277006%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22639e166dd73001e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277007%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc98064%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 , Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20a110f361ac6da37ab5bd5ec466ce406bf6e4e26afacb32d06ff85aea0aec2c

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thesource.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sun, 31 Oct 2021 01:05:57 GMT
prebid
ib.adnxs.com/ut/v3/ 		81 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ff0cc54ef9cd6fa7e18784c59f253eb1f18a09078ac81d04d71c650fa43f1f08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 31 Oct 2021 01:05:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9d2d0cec-ccc2-409f-9959-527112a92ef4
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
91533cb1c0d893f8c5f54b70cbc7f5c0520b6fdc8d609d4d2ac738001a125723
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:56 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c7b44297-eb44-4b55-84c9-1a5d7e06ed31
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
306
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesource.com
x-nbr
1
date
Sun, 31 Oct 2021 01:05:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
vary
origin, Accept-Encoding
v1
dmx.districtm.io/b/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
cf-ray
6a68fa5a3ec442db-FRA
access-control-allow-headers
Content-Type, Origin
v1
dmx.districtm.io/b/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
cf-ray
6a68fa5a3ec642db-FRA
access-control-allow-headers
Content-Type, Origin
imp
g2.gumgum.com/hbid/ 		1006 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58277&pi=3&bf=728x90%2C970x90&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
16a683a32dc725cf4b14e088c0091cad5dbf6163ff2fdf863bff55fdd395832f

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1006 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58277&pi=3&bf=728x90&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c86c955a6101722630c75ea47e648fa650359f8bb57238dd171e1de03a7e5717

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1006 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58277&pi=3&bf=728x90&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bba62a931133ee78e59f545e2450c73f1480d0a00396b7597cc7443a2e36b9be

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1006 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58277&pi=3&bf=728x90%2C970x90&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80d4bca766a8cec794630a9e75f8ee062e66987ba14284bb62c471ec22631c14

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58279&pi=3&bf=300x250%2C300x600&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e908de5ea6356614578c58a12dae5974c8952f5a528ed9264aab39233691b5eb

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58279&pi=3&bf=300x250%2C300x600&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9850a0068005146edb3fb7acdf76b5e82649ea45ed0713bc080694882f2a40bf

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58279&pi=3&bf=300x250&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
003e18006967c2b2b328b2de10e72f33ccc2811f54f78fad79e056e0ad41500d

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58279&pi=3&bf=300x250&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6dbaf9de57d7a7e03f1ff9e5b124ec507f685a8d8f6a95adb6bea365d4820b4b

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=58279&pi=3&bf=300x250&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fthesource.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0%22%7D&ogu=https%3A%2F%2Fthesource.com%2F&ns=10240
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
add678ea9a5ba8c31bc6a606c8112c616e97fa26444f0465144b9a9998eec22a

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thesource.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
auction
tlx.3lift.com/header/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.9.0&referrer=https%3A%2F%2Fthesource.com%2F&tmax=3000
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
55e832f18db6a78a05a4952a6047b2fd8eba9fe90050ab6b3ac862f88f48f727
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3330
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thesource.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		2 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.85.235 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.85.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 31 Oct 2021 01:05:57 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
settings
syndication.twitter.com/ Frame B56D 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f89f4e1a00fa893652addc67439011ba78aac261
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fthesource.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
105
date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 01:05:56 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f667cacc00125c29ece14e28bc12490f49427fd90559b7c2393d192a9df2dede
content-length
166
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
904
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6a68fa5a8d03440d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 03 Nov 2021 01:05:56 GMT
icon
onesignal.com/api/v1/apps/d4d4d594-0c3c-437a-8284-31682a5932cb/ 		192 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/d4d4d594-0c3c-437a-8284-31682a5932cb/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d511d4dafdc47fb28b09a8a4ca8a86f589e96ee3cdb2f652bc1863085171765f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1e69f588-0f83-4210-a46f-308f562ae602
x-runtime
0.007400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d511d4dafdc47fb28b09a8a4ca8a86f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6a68fa5b5cd14e0e-FRA
access-control-allow-headers
SDK-Version
45360640-cfac-4d25-9297-39c0cd53d3c7.png
img.onesignal.com/permanent/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/45360640-cfac-4d25-9297-39c0cd53d3c7.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e36c6c5a29efb8da343da850a8197df6aeaffebd1f936bd4978616419cbdc4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:57 GMT
cf-cache-status
HIT
age
3212
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6989
x-amz-id-2
Z8PH6FXoII2ykh2klD/J9kFkOXM5YXGuB5wAnzKZMyLZM5/KaxlrTWqeqj0YVqddhhskCxMU8Pg=
last-modified
Fri, 15 May 2020 00:14:26 GMT
server
cloudflare
etag
"c0f5bd924b031517bc0e800cafb853f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
07RZ74ZH8M9EBEE5
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a68fa5d68a0440d-FRA
expires
Wed, 01 Dec 2021 01:05:57 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thesource.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thesource.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		537 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1021529445738104&correlator=3914308712307145&output=ldjh&impl=fifs&eid=31063281%2C31063312%2C31063337%2C31063350&vrg=2021102701&ptt=17&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=301775111%2CTheSource_Desktop_Leaderboard_A%2CTheSource_Desktop_Leaderboard_B%2CTheSource_Desktop_Leaderboard_C%2CTheSource_Desktop_Leaderboard_D%2CTheSource_Desktop_Sidebar_A%2CTheSource_Desktop_Sidebar_B%2CTheSource_Desktop_Sidebar_C%2CTheSource_Desktop_Sidebar_D%2CTheSource_Desktop_Sidebar_E%2CTheSource_Outstream%2CTheSource_Adhesion%2CUndertone_Test%2CUndertone_BrandReveal%2CUndertone_PageGrabber%2CAdventive_Test%2CAdventive_1000x300%2CAdventive_1045x381%2CAdventive_1900x196&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2F13%2C%2F0%2F12%2F14%2C%2F0%2F15%2F16%2C%2F0%2F15%2F17%2C%2F0%2F15%2F18&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%2C728x90%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1000x300%2C1045x381%2C1900x196&prev_scp=amznbid%3D2%26amznp%3D2%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D14342a3c3861a794%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D14342a3c3861a794%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_size_triplelift%3D728x90%26hb_pb_triplelift%3D0.02%26hb_adid_triplelift%3D1508252dd4cb5a23%26hb_bidder_triplelift%3Dtriplelift%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D1447bf96023f663%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D1508252dd4cb5a23%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D155bc07ff4453cb1%26hb_bidder_rubicon%3Drubicon%26hb_size_triplelift%3D728x90%26hb_pb_triplelift%3D0.02%26hb_adid_triplelift%3D151def7adee00c0f%26hb_bidder_triplelift%3Dtriplelift%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D145e9cf1ba12b496%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D155bc07ff4453cb1%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_size_triplelift%3D728x90%26hb_pb_triplelift%3D0.10%26hb_adid_triplelift%3D152a5adabf211ea6%26hb_bidder_triplelift%3Dtriplelift%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D146948dec0d77bd5%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D152a5adabf211ea6%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D0.05%26hb_adid_triplelift%3D153a0a1bdb7f70c5%26hb_bidder_triplelift%3Dtriplelift%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D147262804b6d59b3%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D153a0a1bdb7f70c5%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D1.93%26hb_adid_triplelift%3D1545e1deab623fcb%26hb_bidder_triplelift%3Dtriplelift%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D1488fad1a7a11573%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D300x250%26hb_pb%3D1.93%26hb_adid%3D1545e1deab623fcb%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D149aba50404409c5%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D149aba50404409c5%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=attsafe%3Dfalse%26post_id%3Dfalse%26page_type%3Dhomepage%26floortest%3D3%26sect%3DCUSTOMIZE%26subsect%3DCUSTOMIZE&cookie_enabled=1&bc=31&abxe=1&lmt=1635642357&dt=1635642357460&dlt=1635642355659&idt=560&frm=20&biw=1600&bih=1200&oid=2&adxs=4%2C-9%2C278%2C-9%2C-9%2C-9%2C1283%2C1283%2C1283%2C0%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=110%2C-9%2C919%2C-9%2C-9%2C-9%2C240%2C985%2C1045%2C110%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4279775946%2C2081670634%2C440881433%2C298705735%2C3378158676%2C1603219723%2C2637052705%2C335390090%2C1746210956%2C1855928011%2C2205689003%2C2101424380%2C1000367340%2C2187003551%2C2742094566%2C493704654&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthesource.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1592x0%7C0x-1%7C960x8502%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C1600x8742%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1592x0%7C0x-1%7C960x0%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=26038121.1635642356&ga_sid=1635642357&ga_hid=452735977&ga_fc=true&fws=0%2C2%2C0%2C2%2C2%2C2%2C4%2C4%2C4%2C0%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C300%2C300%2C300%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C0%7C-1%7C-1%7C-1%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
939ae035abd4e9e5db5cda5b64f9e291f0ca10127e9aacb48e1122606254d195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121889
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,5404608427,-1,-1,-1,5726606579,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138315379489,-1,-1,-1,138353725253,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thesource.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bde1c4561a86f292564d2646883781b4a07f08d1fd201c06a52f3ea9406a2f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8619
x-xss-protection
0
container.html
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AEB7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 01:05:57 GMT
expires
Mon, 31 Oct 2022 01:05:57 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 31 Oct 2021 01:05:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7660 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 30 Oct 2021 22:31:15 GMT
expires
Sun, 30 Oct 2022 22:31:15 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DC45 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
145483c99459755d8fb23203ccbc857be7b98c87bf25b2d85803f88fde1911d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2YEWbB5SRFgvnBiAhLr8Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 31 Oct 2021 01:05:57 GMT
date
Sun, 31 Oct 2021 01:05:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-2YEWbB5SRFgvnBiAhLr8Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RoWIF5mDLIotv0Cy6dtZXjafFgIOcjS1qvYEJExYR_Y.js
pagead2.googlesyndication.com/bg/ Frame 7660 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RoWIF5mDLIotv0Cy6dtZXjafFgIOcjS1qvYEJExYR_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4685881799832c8a2dbf40b2e9db595e369f16020e7234b5aaf604244c5847f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 20:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
17259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13377
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 30 Oct 2022 20:18:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DC45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102701&jk=1021529445738104&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=thesource.com&host=thesource.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F4F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 01:05:57 GMT
expires
Mon, 31 Oct 2022 01:05:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 01:05:57 GMT
expires
Mon, 31 Oct 2022 01:05:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A69 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 01:05:57 GMT
expires
Mon, 31 Oct 2022 01:05:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4323 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 01:05:57 GMT
expires
Mon, 31 Oct 2022 01:05:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbCGzgrp_LcqD4McE_EvilXdkswJ7TTWIoy4BApxpAAfLB14gk1cHQHnI2QaqiphmZUsigWng-LnszsEHsEkO2sqmfDvYEwxrHva_VTwRmsDjp4ZA-ENv8Gzdf39uzJ4N4jXZxRNQdNCCkWYc2dL81JCCnxJ1qm0Ct1RV3Z5iCvn57B9W-Qn506sbFJXi3E0SahhpHb6_q_6g6gsk0PcxVAnlvFaHllf0ZmmMN8KtKRik1adX8kFpUbNAtu9p0lqO7E8XtbEUP7zJHhDXrKCRvbUgd052jPUgBii_mAKVulV9EGmJj2uoP-eX14XsuzVc&sai=AMfl-YSAP_0WhoqBCFO01vAHfpkb_Y_SblHpmMdNkA6RaJtKNy9I8By8r967rtCH-ys5cfJUakoaQlx0cuZ63p1ttRBUS0SispLFzoyBTkT2uzDxUJ6F_wBI2-DnmfU7_g0&sig=Cg0ArKJSzLckCXU_I62sEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 31 Oct 2021 01:05:58 GMT
liveView.php
live.primis.tech/live/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
be4408a835c1dc3eaf8605f5ab3a367a5487535f7c834a438d06d47f8235773e

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 31 Oct 2021 01:05:58 GMT
liveView.php
live.primis.tech/live/ Frame 9428 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2e0bb38025e247364fd3be2e22e2439e553385542012209e76af9bc4250b11b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 9428 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:57 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 31 Oct 2022 01:05:57 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 9428 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:49 GMT
server
nginx
etag
W/"6024fccd-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 31 Oct 2022 01:05:58 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 9428 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 31 Oct 2022 01:05:58 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 9428 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 31 Oct 2022 01:05:58 GMT
prebidVid.5.18.0_1.min.js
live.primis.tech/content/prebid/ Frame 9428 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c518cbe4996d331e755dacf65728d3421e6358de619f7bf051295a22d0f8f936

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 12:43:40 GMT
server
nginx
etag
W/"6171607c-789a7"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Mon, 31 Oct 2022 01:05:58 GMT
liveVideo.php
live.primis.tech/live/ Frame 9428 		601 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222&cbuster=1635642358&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3be8704cbf6323800a010a481cb92135d73f0d2d0127c654d480f617bc5843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 9428 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
nY_PcrO6M1v8rxrnAfvFh4iOgrD_tFp3
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
112
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1EMGRY4PN3BBTHPQ3FQ5
date
Sun, 31 Oct 2021 01:04:06 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kTON4KcD46gAPiv_fJdXhRR1f4aDA-jlUY0OWAtuHz09TEQLk8iDxg==
css
fonts.googleapis.com/ Frame BB61 		2 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 23:09:46 GMT
server
ESF
date
Sun, 31 Oct 2021 01:05:58 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 31 Oct 2021 01:05:58 GMT
css
fonts.googleapis.com/ 		2 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 23:48:07 GMT
server
ESF
date
Sun, 31 Oct 2021 01:05:58 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 31 Oct 2021 01:05:58 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B7F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=25518
expires
Sun, 31 Oct 2021 08:11:16 GMT
date
Sun, 31 Oct 2021 01:05:58 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 685B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=94&advUuid=b51d55dc-39e6-11ec-a7cf-1a3233820506
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=94&advUuid=b51d55dc-39e6-11ec-a7cf-1a3233820506
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 01:05:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 31 Oct 2021 01:05:58 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=94&advUuid=b51d55dc-39e6-11ec-a7cf-1a3233820506
X-fe
86
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.primis.tech/live/ Frame CA2C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D98%26advU...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=98&advUuid=58075d16-1ddd-079c-093a-138de63b3e43
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=98&advUuid=58075d16-1ddd-079c-093a-138de63b3e43
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 01:05:58 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=98&advUuid=58075d16-1ddd-079c-093a-138de63b3e43
date
Sun, 31 Oct 2021 01:05:58 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync.html
s.console.adtarget.com.tr/ Frame EB25 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
10424daca90a3213938d84d8259098b2146af39aa01f3bdbee1d1b8f8d2f037c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Server
VertaMedia 1.0
Date
Sun, 31 Oct 2021 01:05:57 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
824
Access-Control-Allow-Origin
https://thesource.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 9428 		137 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhOCUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTQmOCUlRaZcZGViXmVyYmU0N2E0MwxmNwA5NTA3NmElMwYyMxZ2nWQ2MTU4YzY0YzFuMDJwMwI2MmEkNDtlLz1jNCZ2nWRsY29hqGVhqF9cZD0kODplNmYkJaZcZF9wo250ZW50X2Ryp2M9Qx1GKlUlODEyMwxzqzyxX2NioaRyoaRsqGy0oGU9Qx1GKlUlODEyMwxzqzyxX2NioaRyoaRsZHVlYXRco249ODIlJzRyYaVaSW5zo3JgYXRco249Jat9NTU2Jax9MmEmJaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMDJEMmMmMTVGMmAmMmqEN0I3MmMkMmMmNmMmMmQmNwM1MmA3RDqCNDMmNTM3N0Q3QwUmNwQ0NmY4NxM2MmMlMmxmMTYmNxQ0RTZDNEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNTM2MmM3RDqCNTxmMmMkMmp3RDqCNwYmMTqEN0I0QmM3MmpmNmMlN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01Ml41Nmx1Jzqyo0kiozp9MTAhMDU5MvZ1p2VlSXBBZGRlPTEmNv4lNDMhMTx4LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5NS4jLwQ2MmthNTQeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwE3ZGVvZwYlZTt1YvZwYaVmqGVlPTE2MmU2NDImNTtmNmIzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
28fc7d0015adadc29f8b9460570dbfeb4e9a4ab9566d9a1f91ea8b627e782d90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
11319
liveView.php
live.primis.tech/live/ Frame 9428 		137 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhOCUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTQmOCUlRaZcZGViXmVyYmU0N2E0MwxmNwA5NTA3NmElMwYyMxZ2nWQ2MTU4YzY0YzFuMDJwMwI2MmEkNDtlLz1jNCZ2nWRsY29hqGVhqF9cZD0kODplNmYkJaZcZF9wo250ZW50X2Ryp2M9Qx1GKlUlODEyMwxzqzyxX2NioaRyoaRsqGy0oGU9Qx1GKlUlODEyMwxzqzyxX2NioaRyoaRsZHVlYXRco249ODIlJzRyYaVaSW5zo3JgYXRco249Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMDJEMmMmMTVGMmAmMmqEN0I3MmMkMmMmNmMmMmQmNwM1MmA3RDqCNDMmNTM3N0Q3QwUmNwQ0NmY4NxM2MmMlMmxmMTYmNxQ0RTZDNEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNTM2MmM3RDqCNTxmMmMkMmp3RDqCNwYmMTqEN0I0QmM3MmpmNmMlN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01Ml41Nmx1Jzqyo0kiozp9MTAhMDU5MvZ1p2VlSXBBZGRlPTEmNv4lNDMhMTx4LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5NS4jLwQ2MmthNTQeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwE3ZGVvZwYlZTt1YvZwYaVmqGVlPTE2MmU2NDImNTtmNmMzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
54095ffea20002f940af2ce79f119e9941dd28e4be51f66812e06d0ee9ba4235

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
11639
liveView.php
live.primis.tech/live/ Frame 9428 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhOCUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTQmOCUlRaZcZGViXmVyYmU0N2E0MwxmNwA5NTA3NmElMwYyMxZ2nWQ2MTU4YzY0YzFuMDJwMwI2MmEkNDtlLz1jNCZ2nWRsY29hqGVhqF9cZD0kODplNmYkJaZcZF9wo250ZW50X2Ryp2M9Qx1GKlUlODEyMwxzqzyxX2NioaRyoaRsqGy0oGU9Qx1GKlUlODEyMwxzqzyxX2NioaRyoaRsZHVlYXRco249ODIlJzRyYaVaSW5zo3JgYXRco249Jat9NTU2Jax9MmEmJaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMDJEMmMmMTVGMmAmMmqEN0I3MmMkMmMmNmMmMmQmNwM1MmA3RDqCNDMmNTM3N0Q3QwUmNwQ0NmY4NxM2MmMlMmxmMTYmNxQ0RTZDNEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNTM2MmM3RDqCNTxmMmMkMmp3RDqCNwYmMTqEN0I0QmM3MmpmNmMlN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01Ml41Nmx1Jzqyo0kiozp9MTAhMDU5MvZ1p2VlSXBBZGRlPTEmNv4lNDMhMTx4LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5NS4jLwQ2MmthNTQeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwE3ZGVvZwYlZTt1YvZwYaVmqGVlPTE2MmU2NDImNTtmNmtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
7638f024ec90f0dc877a4a0507d29c29392214ea97d6438cd07ac3949783883b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3219
chunklist_480.m3u8
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
159b2f1e2bf40f0d510b5173fddc8cf04ef3d0dcd1b59930b5ba5f638f241d14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:32:28 GMT
server
Tengine
etag
"6158c1dc-121a"
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4634
x-proxy-cache
HIT, HIT
vid6158bf4baa02c226311482_thumb.jpg
video.primis.tech/uploads/cn8/video/users/converted/29438/video_5ec547a429360950771226/ Frame BB61 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn8/video/users/converted/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482_thumb.jpg?cbuster=1633206153
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
bd1be72db23824111452a98d1cd7739a864364e5013c0bc1e47b5607400e754e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:28:11 GMT
server
Tengine
etag
"6158c0db-43d"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 21:53:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1085
x-proxy-cache
HIT
vid616448c5a93f4544755899_thumb.jpg
video.primis.tech/uploads/cn17/video/users/converted/29438/video_5ec547a429360950771226/ Frame BB61 		670 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn17/video/users/converted/29438/video_5ec547a429360950771226/vid616448c5a93f4544755899_thumb.jpg?cbuster=1633963323
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
751ec398a27a8bb89b445b6e65b3b3e14b51495f589cc19bafbf82379e2cbc2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Mon, 11 Oct 2021 14:25:05 GMT
server
Tengine
etag
"61644941-29e"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 08 Nov 2021 15:36:30 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
670
x-proxy-cache
HIT
vid617171cbe5f03289335677_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/29438/video_617171544cf0d939186189/ Frame BB61 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29438/video_617171544cf0d939186189/vid617171cbe5f03289335677_thumb.jpg?cbuster=1634824678
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
87036c4e44dedfc1a3a30509c2e1d6be331eb51662462f6074239ef058ff1e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Thu, 21 Oct 2021 13:58:35 GMT
server
Tengine
etag
"6171720b-928"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 04 Nov 2021 15:48:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2344
x-proxy-cache
HIT
vid6070c8260a928566461432_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/29438/video_60269ebb5b4f5815950568/ Frame BB61 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29438/video_60269ebb5b4f5815950568/vid6070c8260a928566461432_thumb.jpg?cbuster=1618004037
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
219646582b9878c19d3d5157f6776ce1ddfe967fc0618facb1dd9f9f4c375c1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Wed, 28 Apr 2021 19:14:34 GMT
server
Tengine
etag
"6089b41a-669"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 10 Nov 2021 23:51:48 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1641
x-proxy-cache
HIT
vid5f6abb48b8b42308743463_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/29438/video_5f6aba83de8cd420658506/ Frame BB61 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/29438/video_5f6aba83de8cd420658506/vid5f6abb48b8b42308743463_thumb.jpg?cbuster=1600832704
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
0b105e772394ec65d339d16b14c4375a29e684361952c66a8cb65b48d2d188f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Wed, 28 Apr 2021 17:57:31 GMT
server
Tengine
etag
"6089a20b-a6c"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 09 Nov 2021 13:46:31 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2668
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAlOTxlJaN0YT0jJat9NTYmJax9MmE3JaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmAlRDMmMmE1RwMjMmM3RDqCNmMmMTMmMmpmMmM0MmYmNTMjN0Q3QwQmMmUmNmqEN0I1MmY0NDp2ODZDNwMmMwM5MmE2MmZENEU2QmRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmUmNwMmN0Q3QwU5MmMmMTM3N0Q3QwY2MmE3RDqCNEMmNmM3MmpmMwqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0kMmYhMwQmLwE5OC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5NS4jLwQ2MmthNTQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkN2RyYzY2MzU4NWIzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmNTY0MwM1ODM2NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MTqxZWJzNwM4MGY0JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 9428 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=617debf62e85b&custom_data=617debf62e85b;live.primis.tech&gdpr=1&gdpr_consent=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:05:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 9428
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=93&advUuid=f7c80629-1073-49a4-8e57-a43b3dd0a656
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=93&advUuid=f7c80629-1073-49a4-8e57-a43b3dd0a656
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=93&advUuid=f7c80629-1073-49a4-8e57-a43b3dd0a656
date
Sun, 31 Oct 2021 01:05:58 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 9428
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=99&advUuid=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=99&advUuid=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=99&advUuid=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Sun, 31 Oct 2021 01:05:58 GMT
liveCS.php
live.primis.tech/live/ Frame 9428
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=105&advUuid=1797836623355034328
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=105&advUuid=1797836623355034328
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:58 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
097783c6-aff4-4eff-a18e-359ea1758b9c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=617debf62e85b&pixel=&advId=105&advUuid=1797836623355034328
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid6158bf4baa02c226311482.jpg
video.primis.tech/uploads/cn8/video/users/converted/29438/video_5ec547a429360950771226/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn8/video/users/converted/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.jpg?cbuster=1633206153
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
4316cb19092b33844173a54d8e0f5106a562446ad8375c0b8f057d7fe0782dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:28:10 GMT
server
Tengine
etag
"6158c0da-14d3"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 Nov 2021 21:55:52 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5331
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BB61 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
290057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 16:31:41 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9428 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
81213
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sat, 30 Oct 2021 02:32:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
6DRixTWZ3lttRXLZMrdVvq2H-bNIv6i5lFwuA4FpmArjDrrsUANe7g==
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6a6399612823757ae9a8e33e50351cbe10ee16c77a7ac354ac6cc1de165f734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thesource.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 31 Oct 2021 01:05:58 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9428 		173 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.254.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-254-218.compute-1.amazonaws.com
Software
/
Resource Hash
66034fa72dc9b2c8f165fe3a62e998fa2d2d8bb7ea420b2d2f6a75f676d3573e

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
cygnus
htlb.casalemedia.com/ Frame 9428 		24 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r={%22id%22:%22389552dc3fb3ba%22,%22site%22:{%22page%22:%22https%3A%2F%2Fthesource.com%2F%22},%22ext%22:{%22source%22:%22prebid%22,%22ixdiag%22:{%22msd%22:0,%22msi%22:0,%22mfu%22:0,%22bu%22:0,%22iu%22:1,%22nu%22:0,%22ou%22:0,%22allu%22:1,%22ren%22:false,%22version%22:%225.18.0%22,%22userIds%22:[]}},%22imp%22:[{%22id%22:%224b05bffcf9ce41%22,%22ext%22:{%22siteID%22:%22491831%22,%22sid%22:%22556x313%22,%22fl%22:%22x%22},%22video%22:{%22playerSize%22:[[556,313]],%22mimes%22:[%22video/mp4%22,%22application/javascript%22],%22minduration%22:1,%22maxduration%22:200,%22protocols%22:[1,2,3,4,5,6],%22linearity%22:1,%22api%22:[1,2],%22placement%22:1,%22startdelay%22:0,%22skip%22:1,%22w%22:556,%22h%22:313},%22bidfloor%22:3,%22bidfloorcur%22:%22USD%22}],%22source%22:{%22ext%22:{%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22primis.tech%22,%22sid%22:%2229438%22,%22hp%22:1}]}}},%22regs%22:{%22ext%22:{%22gdpr%22:1}},%22user%22:{%22ext%22:{%22consent%22:%22%22}}}
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 , Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0511402af2a03e93171f7c1c5cfc0bffc7d4e7c10a049954804dcf1714c0eaee

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thesource.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Sun, 31 Oct 2021 01:05:58 GMT
translator
hbopenbid.pubmatic.com/ Frame 9428 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesource.com
date
Sun, 31 Oct 2021 01:05:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveInternalSsp.php
live.primis.tech/live/ Frame 9428 		2 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22ver%22%3A%22ver_1.5%22%2C%22minBid%22%3A0%2C%22buzzer%22%3A%7B%22count%22%3A0%2C%22titleLen%22%3A100%2C%22w%22%3A200%2C%22h%22%3A160%7D%2C%22width%22%3A556%2C%22height%22%3A313%2C%22spaceId%22%3A%2258057%22%2C%22spaceType%22%3A%22vast%22%2C%22videoPlacementType%22%3A1%2C%22ip%22%3A%22136.243.198.83%22%2C%22geoId%22%3A57%2C%22alpha2Geo%22%3A%22DE%22%2C%22devicetype%22%3A2%2C%22txtDevicetype%22%3A%22desktop%22%2C%22browser%22%3A%22chrome%22%2C%22os%22%3A%22Windows%22%2C%22txtOs%22%3A%22windows%22%2C%22deviceModel%22%3A%22%22%2C%22osVersion%22%3A%2210.0%22%2C%22deviceManufacturer%22%3A%22%22%2C%22deviceCodeName%22%3A%22%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%22%2C%22lat%22%3A%2253.5795%22%2C%22lon%22%3A%2210.0592%22%2C%22appName%22%3A%22%22%2C%22appId%22%3A%22%22%2C%22isApp%22%3A0%2C%22appBundleId%22%3A%22https%3A%2F%2Fthesource.com%2F%22%2C%22appStoreUrl%22%3A%22%22%2C%22appPrivacyPolicy%22%3A%22%22%2C%22appIsPaid%22%3A%22%22%2C%22appDeveloper%22%3A%22%22%2C%22ifa%22%3A%22%22%2C%22ifv%22%3A%22%22%2C%22atts%22%3A%22%22%2C%22appVersion%22%3A%22%22%2C%22referrer%22%3A%22https%3A%2F%2Fthesource.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fthesource.com%2F%22%2C%22gdpr%22%3A1%2C%22gdprConsent%22%3A%22%22%2C%22isWePassGdpr%22%3A%220%22%2C%22ccpa%22%3A0%2C%22ccpaConsent%22%3A%22%22%2C%22domain%22%3A%22thesource.com%22%2C%22website%22%3A%22www.sekindo.com%22%2C%22secure%22%3A1%2C%22geoSource%22%3A%22IP%22%2C%22coppa%22%3A0%2C%22uuid%22%3A%22617debf62e85b%22%2C%22blockBrands%22%3A%5B%5D%2C%22extUserIds%22%3A%5B%5D%2C%22mraidAllowed%22%3A0%2C%22debugInformation%22%3A%22%22%2C%22siteId%22%3A102992%2C%22publisherId%22%3A29438%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2229438%22%2C%22hp%22%3A1%7D%5D%7D%2C%22region%22%3A%22EU%22%2C%22campaigns%22%3A%7B%2269492%22%3A%7B%22tracker%22%3A%22campaignFreqCap%3D0%252F0%26campaignId%3D69492%26space2AdId%3D13734703%22%2C%22prebidNsspIndex%22%3A0%2C%22space2AdId%22%3A%2213734703%22%2C%22deal%22%3A%7B%22isRtbDeal%22%3A0%2C%22rtbDealId%22%3A%22%22%2C%22rtbSeatId%22%3A%22%22%7D%2C%22rtbWSeat%22%3A%22%22%2C%22campaignId%22%3A69492%2C%22campaignScope%22%3A%22public%22%2C%22buyerUid%22%3A%22%22%2C%22adUserId%22%3A29475%2C%22bcat%22%3A%22%22%2C%22bidfloor%22%3A3%2C%22ext%22%3A%7B%22partner%22%3A%2292%22%2C%22revShare%22%3A%221.00%22%7D%2C%22referenceId%22%3A14%7D%7D%2C%22pagecat%22%3A%5B%22IAB1-2%22%2C%22IAB11%22%2C%22IAB1-6%22%5D%2C%22placementCat%22%3A%5B%22IAB1-2%22%5D%2C%22contentcat%22%3A%5B%22IAB1-6%22%5D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9428 		67 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1635642358525&pKey=-20161624&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fthesource.com%2F&playerSize=556x313&schain=1.0,1!primis.tech,29438,1,,,
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:59 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1635642358278079-513
Expires
Sun, 31 Oct 2021 01:05:59 GMT
openrtb
adx.adform.net/adx/ Frame 9428 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwM1NwQlMmU4JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY3NDYjMwAzrD01NTYzrT0mMTMzoXN0YT0kMmpmNDY1MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTM2LwI0Ml4kOTthODMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTUhMC40NwM4LwU0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTqxZWJzNwJyODVvJaJ2ow0xr1ZQX1JWTy9NQUNST30zYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmNTY0MwM1ODUjMSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MTqxZWJzNwM4MGY0JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:58 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
w_480_00000.ts
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		153 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
c969809b097036109ea82e09b06f648b2505115b26b6da2782f47f366587d444

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:31:33 GMT
server
Tengine
etag
"6158c1a5-26478"
content-type
video/mp2t
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
156792
x-proxy-cache
HIT, HIT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxtJSYECZBWUIa_GzoYRCc5O0P8fclhkKUtXsSee1J4BFUe0MFiKNE0rwQOhBGyBP9kRums1nXdj5Ml6YL0W17eHABwz6jQZhhZPRVqK2Be3nI1QaMVoZhUBruo0D_QUUWlf6h4WqXhEruPM7RObpQ3ogSBqMcaWnlACv8wS1uUPuIURunEdT-oJo4QasxHxCu79--3NSUTnCgzh1BI19cij1DkcsFKphFHKW8VbUbPLQ4P7PaO7kdgFq6fxQHMsBGII9114yArPbZRtd3-oiFxZ1yg8lbQq-7pfDozmzbj8-iBYEMPkyLI3X2v6ekumXgfg&sai=AMfl-YTZcl2Jpixjfijg7Kdt7jbPxM4p8-U2uLoX5LCSw7kzCUHU6UncT6hnnU8f0njFDn5j44vPMeubbNX5U1njc_mDskX0zZoWvEOqY8ywkjXnl4b9se-ocqKOlTLtHkM&sig=Cg0ArKJSzElo5Z3FRvdlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 31 Oct 2021 01:05:58 GMT
cd344b57-92a1-4b45-a4dc-bf0db5d2e25b
https://thesource.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thesource.com/cd344b57-92a1-4b45-a4dc-bf0db5d2e25b
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
PugMaster
image6.pubmatic.com/AdServer/ Frame 3B7F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64474107&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D617debf62e85b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
content-length
0
w_480_00001.ts
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		411 KB
412 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
ed037ff03e348aaff4d26d1bd2e7f1d9dc5782c97d278dc806acd8a34b1995b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:31:33 GMT
server
Tengine
etag
"6158c1a5-66b88"
content-type
video/mp2t
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
420744
x-proxy-cache
HIT, HIT
w_480_00002.ts
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		369 KB
369 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
10bdb30d7a4d2ef26efef92d2234fd4f2f20ffaa731066efa3fb591c311fbeb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:31:33 GMT
server
Tengine
etag
"6158c1a5-5c2a0"
content-type
video/mp2t
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
377504
x-proxy-cache
HIT, HIT
w_480_00003.ts
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		434 KB
434 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
e7384a26be1c444d8641d981891ae7b14d5cc663b218b1c57244b19ec74a807b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:31:34 GMT
server
Tengine
etag
"6158c1a6-6c698"
content-type
video/mp2t
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
444056
x-proxy-cache
HIT, HIT
w_480_00004.ts
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		426 KB
427 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
88bf9334870a3a1908656ac6a75ef2271764490378380b71b8955099b6dedee0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:31:34 GMT
server
Tengine
etag
"6158c1a6-6a9f4"
content-type
video/mp2t
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
436724
x-proxy-cache
HIT, HIT
w_480_00005.ts
video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/ 		328 KB
328 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn8/video/users/hls/29438/video_5ec547a429360950771226/vid6158bf4baa02c226311482.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
d060c7c53268283f14c087926ea5b2b028f1bd7ed94c0c8fcec2c82fb8bd6093

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:58 GMT
last-modified
Sat, 02 Oct 2021 20:31:35 GMT
server
Tengine
etag
"6158c1a7-51e20"
content-type
video/mp2t
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 01:05:58 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
335392
x-proxy-cache
HIT, HIT
csync
sync.console.adtarget.com.tr/ Frame B159
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=rLBFhaTYqF90bHBlgOyS&pi=admatic&tc=1
0
0
/
ads.us.e-planning.net/uspd/1/ Frame 1F1F
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Sun, 31 Oct 2021 01:05:59 GMT
content-type
text/html
content-length
13
x-sid
AMS-731

Redirect headers

server
openresty
date
Sun, 31 Oct 2021 01:05:59 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-731
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6312 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=25517
expires
Sun, 31 Oct 2021 08:11:16 GMT
date
Sun, 31 Oct 2021 01:05:59 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 7D81 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Sat, 30 Oct 2021 08:34:20 GMT
x-amz-version-id
U73akTWLks4lIrgkSSqf5T0PpH7_kTbc
server
AmazonS3
content-encoding
br
date
Sun, 31 Oct 2021 00:34:23 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
MkFpubg_JS5ugUg0J74T3HSU5P5HtHKHmL9IX1hBJLzmAJLtUCs4UQ==
age
1897
cookie
cm.adform.net/ Frame 9417 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Sun, 31 Oct 2021 01:05:59 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 8B57 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
890d581de9c2fe042be4fcf06446c716
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame EB25 		0
0
bundle.js
cdn.admatic.com.tr/user/ Frame 8B57 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
ac22f38bced87fc97c51b8624e3ed584
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
uu
ih.adscale.de/ Frame 7D81
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1635642359
  • https://ih.adscale.de/uu?cbfn=receive&t=1635642359&nut&uu=f98fd327af1b463bb7d085920b89edde
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1635642359&nut&uu=f98fd327af1b463bb7d085920b89edde
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e5770433850b488f7681d9ac150e5f8c67a85a935fca0c27e8c8a2415a1b4e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1635642359&nut&uu=f98fd327af1b463bb7d085920b89edde
date
Sun, 31 Oct 2021 01:05:59 GMT
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 9428 		145 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
36218c48c775ce2e3ef1d45f01a879d4af029cc2aaa951aea6730fc9c51835a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:59 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
47741fe5-b938-4172-9b81-db772e661afc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9428 		173 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.254.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-254-218.compute-1.amazonaws.com
Software
/
Resource Hash
3fd86f0a731bea37e8103d348ad4a60885e81e9fde75ed5013f8ab458faaceb0

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9428 		173 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.254.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-254-218.compute-1.amazonaws.com
Software
/
Resource Hash
6d4e4309703bda0d8fb2d41a1f6a089996189a024f0f219f5f32086d52054b7d

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
user
ads3.admatic.com.tr/ Frame 8B57 		52 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
2c9f2b3650188b8cbe189885b7670419be6df23ed3b63fdf87741443d0f6e27a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
56
userconnect.js
js.adscale.de/ Frame 7D81 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
dV8mNq1hjr1_aaU8apS5hh9ml3WiiOb2
content-encoding
br
last-modified
Sat, 30 Oct 2021 08:34:20 GMT
server
AmazonS3
age
1897
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 31 Oct 2021 00:34:23 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
jGfGIZtNWqIinckJCNWHRY2cIf3miWEcz-nZ1JV_IWQEuZ4dobsEFw==
csync
sync.console.adtarget.com.tr/ Frame 7D81 		0
0
userconnect
ih.adscale.de/ Frame 7D81 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1635642359305&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame A126 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a83bd82c6e018df5014a0573c2a17f064afbb23ca63e58c1d3aefbdd424f70b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9428 		370 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31302D33315F30337D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B4C373737327DFEFE&userIpAddr=136.243.198.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=617debf62e85b&debugInfo=13734650_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=53.5795&geoLong=10.0592&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125402
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sun, 31 Oct 2021 01:05:59 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwM1NwQlMmU4JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTM5OTYkMTpzrD01NTYzrT0mMTMzoXN0YT0kMmpmNDY1MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9VGuyU291pzNyX1BlnW1cp19EZXNeqG9jJaVmZXJJpEFxZHI9MTM2LwI0Ml4kOTthODMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTUhMC40NwM4LwU0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTqxZWJzNwJyODVvJaJ2ow0kMmY2MCZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM1NwQlMmU5MmQ0JaVcZD1TZWgcozRiU1BfYXyypwYkN2RyYzY2MmtjZwQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGqGuyp291pzNyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:59 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
match.js
js.adscale.de/ Frame A126 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
dQrh7G2a14y89t5LC_51xRJ15J3pwGql
content-encoding
br
last-modified
Sat, 30 Oct 2021 08:34:20 GMT
server
AmazonS3
age
1897
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Sun, 31 Oct 2021 00:34:23 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
L3hzJ2i7FeK0yGjKpaIy4PfAmX48JWtimgKOkSU8GpH7OMNGfsDdVQ==
img
ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/ Frame A126
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=f98fd327af1b463bb7d085920b89edde&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=101&tpuid=BBID-01-03103563594690148-16434108
49 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=101&tpuid=BBID-01-03103563594690148-16434108
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 01:05:59 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=101&tpuid=BBID-01-03103563594690148-16434108
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
bridge3.486.2_en.html
imasdk.googleapis.com/js/core/ Frame 2E55 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194260
date
Fri, 29 Oct 2021 01:55:39 GMT
expires
Sat, 29 Oct 2022 01:55:39 GMT
last-modified
Mon, 25 Oct 2021 15:31:24 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
169820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 9428 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Oct 2021 01:05:59 GMT
integrator.js
adservice.google.com/adsid/ Frame 9428 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thesource.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame A126
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=d8d1fbc412992878be3e887...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
49 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 01:05:59 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x10 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 01:05:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssx6cC_1yH9KNUDw3hAuFbmg536jp98b-BTKir1dbXKJnXPS0Ynvw0fMKuwvJsu9OLvHLjtXuUrGk3jHesAWHbe_4emTqTqZHssPte1HZAsw7dGjVAH&sig=Cg0ArKJSzMQUqfB4vNlVEAE&id=lidar2&mcvt=1003&p=0,0,333,1600&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1855928011&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635642354528&rpt=4027&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/ Frame A126
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbbcb7783784e%2F1635642359324%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=75&tpuid=1797836623355034328&gdpr=0
49 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=75&tpuid=1797836623355034328&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:59 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 823.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
76ecb2d8-f158-4d0b-ab82-1529c8a6daa6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=75&tpuid=1797836623355034328&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
new
ads3.admatic.com.tr/user/ Frame 8B57 		146 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
c5b3cd976492748e41a6d1c56bba0c8a54062c38bd6f39681826624c36248389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
br
etag
ZcaVWldhZxevmj1sxi4dGdNqKMJmWgqiOpxZKTpBJixsOyNTcFHgTLQhi1_srlEEuzzV6ugRVKSgxp4_q0zvVA
last-modified
Sun, 31 Oct 2021 02:06:00 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
150
csync
sync.console.adtarget.com.tr/ Frame 8B57 		0
0
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame A126
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=ea77f8ab92b44388addf4b483...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YX3r9sc2gUbpCPEsKJuTXAAA%261180
49 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YX3r9sc2gUbpCPEsKJuTXAAA%261180
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:05:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YX3r9sc2gUbpCPEsKJuTXAAA%261180
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Sun, 31 Oct 2021 01:05:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2E55 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F301775111%2FTheSource_Primis_Desktop&description_url=https%3A%2F%2Fthesource.com%2F&env=vp&correlator=207059444812483&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dspeczp&sdkv=h.3.486.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1488482687&sdk_apis=2%2C8&sid=3FDC4FA4-F29E-456F-91F7-14DD85907FA1&eid=44733246%2C44737473&url=https%3A%2F%2Fthesource.com%2F&dlt=1635642358172&idt=1339&dt=1635642359784&cookie=ID%3D33e95e3ecf3b2b61-227fdc0006cb00ce%3AT%3D1635642357%3AS%3DALNI_MbHEK3hcEldoED_OXUnXbAhYLobAQ&scor=3685475185425219&ged=ve4_td2_tt0_pd2_la2000_er-136.-2550.17.-2250_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7960562d72b862a7531a70da1b1c0532451969084d429277c148c4ec4e8a46b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6873
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/ Frame A126
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=9548ba956aa9663bf11fd6ac3416d39692bb101253c8e29312b1b465f8812e8c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb2dbbb...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9548ba956aa9663bf11fd6ac3416d39692bb101253c8e29312b1b465f8812e8c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c94437bb...
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=42&gdpr=0&tpuid=5648159648007441509
49 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=42&gdpr=0&tpuid=5648159648007441509
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:59 GMT
server
nginx
location
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/img?tpid=42&gdpr=0&tpuid=5648159648007441509
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame A126
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=71014a8a-7415-4985-97df-9e0e38448b37&gdpr=0
49 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=71014a8a-7415-4985-97df-9e0e38448b37&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:05:59 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=71014a8a-7415-4985-97df-9e0e38448b37&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1908160
content-length
0
expires
Sun, 31 Oct 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame A126
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=efafacda77b251bbd1d2736b...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
49 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 01:05:59 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d123617d-ebf7-4000-b9de-123c9cbe399a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 01:05:58 GMT
js
ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/ Frame A126
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=8cb5c79947b27a55aa2182c3af6aae76ae437b265088371790409255d884ff15&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c9443...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=8cb5c79947b27a55aa2182c3af6aae76ae437b265088371790409255d884ff15&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fb022aa4a5c9443...
  • https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/js?tpid=48&tpuid=481abcac45320921bb2bd04d8b1f53d8
44 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/js?tpid=48&tpuid=481abcac45320921bb2bd04d8b1f53d8
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
168a872cd1fb2c534154ab4d0874a55dec36be2b7413b6fbca4e1c41986a371a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/b022aa4a5c94437bb2dbbbcb7783784e/1635642359324/0/js?tpid=48&tpuid=481abcac45320921bb2bd04d8b1f53d8
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
vast
bid.g.doubleclick.net/dbm/ Frame 2E55 		22 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C1mLQKN6U3U8CSaifnuAov8mxSVxS9recqGYOu-HlcBL4OY7CiNfTqY4zx493PWExFxkEKBAmRzeoTqlRT_y956xso7Q&cry=1&dbm_d=AKAmf-DIdPt5QwnGsUoZ-Z3leDp3jesbjTSNqQdRNlHQtKHr4HlVHVXIWNabrl0ub5eklevIUphTVJJ-36a0JtHZGK3BXAesGFfMXKVXPj5d7jUOpPx_y0-tui_CVsgJOGdjZlt6pCconUza_8F5HoaMYJ1yOxfDASC46SE9uZiEljt4xzqHGGeEWU74CFNKgJ3LV6SLb8W5vgFZyUDWcIRWm7j-EnuJvpie0BHxHUxCRH8iL5A7rJ9W0FG-K7Ymzhd2ROp42EoTgFbAJy9dIxIJ-2HnWctRM8al8nr73cM6xoicbmVHjIZFLjHNMuO6fI_ZWYJznTaUhbq2GDr70WNZzvP9QbP0uLib8ijNwQQL2p1zgyyHRsb5IDCiu-o2PDYR42_puPt74_cNPvIDm9f4kPvUEu4VuypvFehZAkz7A8tDiHqNgUP-0daMxyJioLcABrDk8mw70yrWBEELXeuhqzZbOLDzCqbKdZj84kjjZNMcGVXp0zO2ChwIYTIe46l4VqU5DNGhTd6oPfIlwNglqi6cwZyUlxrs9hB1iIavjMSxMvvy-RUHvDpfvPrtGIkn1EOolxPgBJ-DSmswfB-x06MfQCCYiuKFyzUxXy_5kSXQclVh-Q8PfGckLUG1lfdOmXw3sz4DOV47rAqxRpSIct6QbeAvH96NVEW1RLmebV5VMkv8XjiQXudp52x8yXlH4LwoiJib-lutqWa1b2wY7TWL1wkvvmLgWu_NLS1TAYrFNxLUGIbQG5hHl1JLYK1Q043JgFn9AclqhIMS1orK7FNS4b1MyhUVMlbmxKkDVpcaxjyspdwz5_XeodE-2Qs_HBc5uqNTQJQ7EoUCr75cqSnjwu20D8V0gF4HkLwWNYsF4zaQFl48Qnlay91A-SIxFYi19BHcTk6bOpEP-XrncZaKvhyktW0AmeGIvwS9BxHJK1_Dcsoj29UPA9FsZkCHpq6wpV2cQada018Xww5c9VS7k66l5jIqlJKcpe-jYszLJIVluIy0m0eQu5R_3jFgQqi9FhQfBmcCkPXAl3DE6lrGd1goddCKGINbQnfNeWSZKfZ5jJjlXKBYoAsBSZTWZkXXYCok_yO1aRkV-oKOZqq1mYAa7Wcm1Az1rOsmTgI6UCUzEycC-eGWNmc5cd8qm2OBZsRCUsidR-tD0jrozXLqhY8w8E-nautCUq4W8FAepNSkF9qnniOk7wYcffWKOZ5LjBl1O4HC8ru_yeHgtRwCg-IJo0C7m_TW2sN7d9daajp61PemQeCIiWINvJ6NhX5rnLe1ouxuaNcjJ5cK0Wp4_TTBtF8udcaT_8JyHKJ58HKUhP2lGvh5qEXFINW5yyPnozleWM9ik70CYcdYE4tXWKPHt-qlTA5CDut3sW0u41pbUkgCL3rFEtHa-lC3EoQMHWtMAMZgG8SC9Y34Mi85L6pvb21f78GbCgQrLR8z8GOQDley-fAyqBbK2Ioc7Rb6XkxLiIIuTlJxZZ7tGiJbcNigMFjQoK-0LwogRZgPIlJHmaSvIpE0pgnyzyTL_Ad_yJddouOXL--3XPA3kKts5yOKrt5IDKod2jmJ_KNVcoDN1jHAAci4lBXXCJnGmapZvpuwsWTI0xuxCkj5tkVTpbi5KbpZMwIaSUXQVm9nfVJoCRPn5XmBKMCqNSl7GCDCgucu5rJ882nNZnl6fOoP40dHgLuAk8V3dCB85EZKZz_EMlxiV9gfKa0nwalid-DM9XE1c5yxv9nxTG7vUUBe6xNlVUjxZxubKpJMU0Wpot8ZEFrbsQvJa02-fbiFi7zu7k6xZnRTohU_pyC9CpHKYSzJXEwR_tCEzGWDrwaCArymLgUeHnM4eoZj4E3OzdhP9VsbNIyd-N3lduIBmWIpLv6NOvgL44cY8RhwraucZWIUq1cFKTe155oJUFpMhpOwkmCpIdQv86mBFwSgKsXXVAljUnqLLamm3NrcnRAJma18t3xQzFDojuuSkOYw4xRxioTRyc-5aux_ybDfo6mVpb_aKLYM6xqy66W22-xalpNgKH21Jhp6o-OUKy-vjmUX9cLML4lGgpD4LbjubV96-k0D8oWjpJpIr8VZVsLOjd5UUU3xjnyI2kTBi0ewYZqHMSbT66PYgoa32obxyn_ZSbFIFAt2MPuThDk6XjiccQY24CDz1Zmky5kPA6ArkI7zpMnk_zaMfjJ2NFjZuymqpIyqIzv07yk6GkkXg9J7GZ42WBWIghw4qtnWcCxGD-V571mx12eyymQzgHE57N9s-ZKEy9e-DbFjXa2_MtYkwDt9XMQSv1FXerOUb4C3aFy7A0eYmL5gYvAMIVNYW8ieb1qhikNXVaHYCXprFU5OVoe7IxfDoniAg8s8jXvwuxvUjVJaHWqPGJxcTxTwDZ92ez9lM0dcMipMYtPVhj-xhtLqD6y6038ptZrk4q4e58NIPfWGPmH8o1kNZZfkhNM7lVn7fcWsHhLTrp0BQNYRPvQTxuuJFcsUswtwptoIZvk4wc5t2Dy5PL5CG2Z4wvvvXK_VDulX815ah3hREUb72VAUnqGFTeIgPHAaHtdp3DxdU4ExsCLI5QgIO2G63g6e0DssO4um-TUgBoCF0zV6j4C3FoCqhJf7rK6ydlvwFeuQJFqLcfXdvcOmqfGiVZ8sIDWqFDD_Ve8iKTrXcjI8X9CQSIVpMuXPSO2nzACaCtjGx7J31SDp9fkbkGLJg_uzzgIbkuEwN4_awxHSWI3DwKLTVO_LIK7loZGDWUyj7ijro0qRO2nK-wiSyAnp3i-g_eA5Z1i4HmTPQYwCvflG9W6kkCU_u6T0QDCO1fEtm7fVVcwYVrjnCG7LxOH4kAnZSUHE4STuLWe7fpj20FiZrV1x80a7H4520jKFIxWfj1el8x6-f0m2BfqwRKZu7uThxzhlhvDALTWvjkhccQV7y2tXO1TiosQK2gtPJUmmZiOp40-02DbfeGEugCyUdbJkSRaNefI4e5sFyszzScLtnJPFvN1kHz7qKUE2a3OY7RfoZJfgZT0zMTbcQbLL8_FYL4dcGkbONXfMbKkiVjOItHm-KbU&cid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g&sdkv=h.3.486.2&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1488482687&sdk_apis=2%2C8&sid=3FDC4FA4-F29E-456F-91F7-14DD85907FA1&eid=44733246%2C44737473&url=https%3A%2F%2Fthesource.com%2F&dlt=1635642358172&idt=1339&dt=1635642360060&ged=ve4_td2_tt0_pd2_la2000_er-136.-2550.17.-2250_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f156.1e100.net
Software
cafe /
Resource Hash
e9cba3c034092986a22fbf5602c1dcb9f4019334c95296c90d9cfb4134001a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13077
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2E55 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=1920x1080&iu=16916245%2FDFPAudienceExtension&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fthesource.com%2F&correlator=207059444812483&ad_rule=0&cust_params=camp%3D5805505572&sdkv=h.3.486.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1488482687&sdk_apis=2%2C8&sid=3FDC4FA4-F29E-456F-91F7-14DD85907FA1&eid=44733246%2C44737473&dlt=1635642358172&idt=1339&dt=1635642360155&cookie=ID%3D33e95e3ecf3b2b61-227fdc0006cb00ce%3AT%3D1635642357%3AS%3DALNI_MbHEK3hcEldoED_OXUnXbAhYLobAQ&scor=3685475185425219&fbidx=-1&ged=ve4_td2_tt0_pd2_la2000_er-136.-2550.17.-2250_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2a64f7ae28c4fd57a38d669d38d16c5b8e65dd27a3e7e492360eda99402378bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2714
x-xss-protection
0
google-lineitem-id
5805505572
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138367143079
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthesource.com%2F&domain=thesource.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thesource.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://thesource.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2435
date
Sun, 31 Oct 2021 01:05:59 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 9428
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthesource.com%2F&domain=thesource.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Z3zns3xKWDMwbC9aQ3pKWXZoS2ZYRkFnNllxWDBBa296a3MvdkdZTnJqWlp0UG9FOU90QmVEb3hmRG1zMXFmT1lRcnc0dE44UFhtbjl5YWtPeldRMHdza1VRZWFPSGJiUEltQkZmMlg2NGZSVTVrRUYrV3lTRU5Nc1B4UH...
422 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Z3zns3xKWDMwbC9aQ3pKWXZoS2ZYRkFnNllxWDBBa296a3MvdkdZTnJqWlp0UG9FOU90QmVEb3hmRG1zMXFmT1lRcnc0dE44UFhtbjl5YWtPeldRMHdza1VRZWFPSGJiUEltQkZmMlg2NGZSVTVrRUYrV3lTRU5Nc1B4UHlKTHN5WldvaWNuSVZSSURqY0M5dE5rR0NicFFVQjRlcHFrU1dZays5VkY0a3p6U01QeTNDaDhSc1k0ZDQ5OFVEc3hoc0xTcGJNaGhLQUhsY1c0L2x1eWx2bnNKSUJQVTZ4Rzl3ZXZ5TUMvM0pBS1pvUllmaU9VbkNzTXBXd1pRUXk3UzFmZWtPNVFsUDJodm9VMDNhNjRXVU1nWDhMUT09fA&cppv=2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4b015095108fcc45a008b16388ac47c2beb6a2d56b757fa86163471d19e33161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 31 Oct 2021 01:06:00 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2808
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 31 Oct 2021 01:06:00 GMT
location
https://mug.criteo.com/sid?cpp=Z3zns3xKWDMwbC9aQ3pKWXZoS2ZYRkFnNllxWDBBa296a3MvdkdZTnJqWlp0UG9FOU90QmVEb3hmRG1zMXFmT1lRcnc0dE44UFhtbjl5YWtPeldRMHdza1VRZWFPSGJiUEltQkZmMlg2NGZSVTVrRUYrV3lTRU5Nc1B4UHlKTHN5WldvaWNuSVZSSURqY0M5dE5rR0NicFFVQjRlcHFrU1dZays5VkY0a3p6U01QeTNDaDhSc1k0ZDQ5OFVEc3hoc0xTcGJNaGhLQUhsY1c0L2x1eWx2bnNKSUJQVTZ4Rzl3ZXZ5TUMvM0pBS1pvUllmaU9VbkNzTXBXd1pRUXk3UzFmZWtPNVFsUDJodm9VMDNhNjRXVU1nWDhMUT09fA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1764
content-length
541
expires
0
212.json
id5-sync.com/g/v2/ Frame 9428 		213 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.10 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p31.id5-sync.com
Software
/
Resource Hash
bd310ad190dca5a7d53118df8deb0727dd6eaa186a66d20b48a168a1cfde6d60
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thesource.com
Date
Sun, 31 Oct 2021 01:05:59 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 9428 		154 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
26e1a1ff525af06dbc26454eac5775fa1b39bb596bc9f4cef1dd6d97ab00c84f

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thesource.com
cache-control
no-cache
x-server
10.45.4.207
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 9428 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e803b9b7061f834b932969816a610e763bc20914987fc7b44552f254dad8655e

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesource.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 30 Nov 2021 01:06:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7940 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=25516
expires
Sun, 31 Oct 2021 08:11:16 GMT
date
Sun, 31 Oct 2021 01:06:00 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8929 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 31 Oct 2021 01:06:00 GMT
Age
71946
X-Served-By
cache-lga21933-LGA, cache-fra19123-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 471065
X-Timer
S1635642360.268424,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 21B6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 31 Oct 2021 01:06:00 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame B413 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Oct 2021 01:06:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
3e85e1cacd50152a28e16abce2f30dd&gdpr=0&gdpr_consent=
pr-bh.ybp.yahoo.com/sync/stickyads/ Frame 9428
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=3e85e1cacd50152a28e16abce2f30dd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g070_7025030444152589491
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=M2U4NWUxY2FjZDUwMTUyYTI4ZTE2YWJjZTJmMzBkZA==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENIGlLGNuhu93XSEjbNonTA&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=42c67c7c-2551-47a2-b8b1-c646ec192f1f
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1797836623355034328
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/3e85e1cacd50152a28e16abce2f30dd&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/stickyads/3e85e1cacd50152a28e16abce2f30dd&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
2a05:d018:d29:3602:6f35:8046:ae1a:688f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://pr-bh.ybp.yahoo.com/sync/stickyads/3e85e1cacd50152a28e16abce2f30dd&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1635642360420022-410
Expires
Sun, 31 Oct 2021 01:06:00 GMT
/
a1.adform.net/serving/videoad/ Frame 2E55 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/videoad/?bn=50039133&v=4&gdpr=&gdpr_consent=&ord=1961768440
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ad95230eda873640b7eeb6ca8e85b511c63d2c3c7cc21034b1c5c2d318eaacf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
cache-control
private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/xml; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
2767
sium
ih.adscale.de/ Frame A126 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Sun, 31 Oct 2021 01:06:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
usermatch
ssum-sec.casalemedia.com/ Frame 8F03 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8bb7282c105b0dabca2636d427a220ea825ae3c8e13fd0786a8b6c4c077233db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|176|206|8|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1571
Expires
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame B413 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6a6eff7272461a487603a4b3dec6e9a690a86f10f520312f2d51ab12cf15aaa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 15:56:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46874
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9396
Expires
Sun, 31 Oct 2021 14:07:14 GMT
async_usersync
ib.adnxs.com/ Frame 8929 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e69bdb61-c256-4a6b-8357-803ced9cbaeb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8F03
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T52Y5QYQ7MCRYPAQ9MS2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S58QK91A9Y4ZV7DCZHSH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8F03
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX3r9sc2gUbpCPEsKJuTXAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8CytBrvPF18H4_x4NPbZk&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8CytBrvPF18H4_x4NPbZk&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 01:06:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8CytBrvPF18H4_x4NPbZk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8F03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 01:06:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8F03 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
113
match.deepintent.com/usersync/ Frame 8F03 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 Albuquerque, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-length
0
server
b
sync
ups.analytics.yahoo.com/ups/55940/ Frame 8F03 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 8F03
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=534d22b8-4c19-416b-9438-5016fdf12a1b&expiration=1667178360
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=534d22b8-4c19-416b-9438-5016fdf12a1b&expiration=1667178360
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 01:06:00 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=534d22b8-4c19-416b-9438-5016fdf12a1b&expiration=1667178360
date
Sun, 31 Oct 2021 01:06:00 GMT
server
Kestrel
content-length
0
sync
x.bidswitch.net/ Frame 8F03 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8F03 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YX3r9sc2gUbpCPEsKJuTXAAA%261180
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3122
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 01:58:02 GMT
csi
csi.gstatic.com/ Frame 2E55 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvej89u8&c=864789314951&slotId=432394657475.5&qqid=CMfW2M668_MCFfXFuwgdZRQNnA&gqid=9-t9YbO9MJHQ7_UP9M6e-Ac&fb=ima_html5-lima&sdkv=h.3.486.2&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44733246%2C44737473&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI2JaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTEmOTx2MTE3Jat9NTU2Jax9MmEmJz1mqGE9MTM3MmQ2NTAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow10nGVmo3VlY2UhY29gJaN1YxyxPXRbZXNiqXJwZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ2nWRsYXRcPVRbZVNiqXJwZV9QpzygnXNsRGVmn3RipCZ1p2VlSXBBZGRlPTEmNv4lNDMhMTx4LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx1LwAhNDYmOC41NCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwE3ZGVvZwYlZTt1YvZlqz49MTM2NwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzp3NjX2Fxo209JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmU2NDImNwAmNTtzqWyxPVNyn2yhZG9TUGkurWVlNwE3ZGVvZwYmODBzNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ0nGVmo3VlY2UhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQkJaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTEmOTx2MTE3Jat9NTU2Jax9MmEmJz1mqGE9MTM3MmQ2NTAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow10nGVmo3VlY2UhY29gJaN1YxyxPXRbZXNiqXJwZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ2nWRsYXRcPVRbZVNiqXJwZV9QpzygnXNsRGVmn3RipCZ1p2VlSXBBZGRlPTEmNv4lNDMhMTx4LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx1LwAhNDYmOC41NCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwE3ZGVvZwYlZTt1YvZlqz49MTM2NwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzp3NjX2Fxo209JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmU2NDImNwAmNTxzqWyxPVNyn2yhZG9TUGkurWVlNwE3ZGVvZwYmODBzNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ0nGVmo3VlY2UhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 2E55 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBK08l-JAEh4BHQYr8mG6VVlg1a1tZb_KD6At9m82c-JOVWH_lqzVVxlIJPOwyHSCs5Rm6CVWKMMcBjVrvsYj1-IU2MICf0W0pTFjT3plrK-DsL_AnOaG36Jhwky7CVmXZD2bqp5fFD86apE25YO-g0MRXlMnv1Jp4gKkiAiMooH9hjuiBEuqeA9W_nkRCPhJtNvttJRz59KtgjXyhuTfOf9TQPez331q3aC3fkw4cm4-xaF7AuFt7zRNPQL9klC_LDy-HPYltYtOQ9Gq7n7t9jSwJyRn9EJEjSB9udytLJpl71ukbb5g9TrHRgTIQsDx8a9sX&sig=Cg0ArKJSzLMDzhDYv4z8EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCm0IARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIAiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAGAE.&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=show_ad&acvw=&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCm0IARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIAiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2E55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoDmP9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMBmAQAqgTpAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7AlQqmyWpYppBN7Sks6XN2lr3L96fbprPN0k5Mr-sX1qzBjL02Uc-XoTPaLh_-KPk9WbbWKmK_RakYdwASw07XJ8gPgBAOIBcLXub43kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAeBqeaFAagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHCxDZuPAYGISj-LYB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTQ5MTQzNDM4NDcwMzE3gAoDyAsBsBO88IUNyBOatsveA9ATANgTCogUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi0zMDk5MzU5MTYyMzE3NTgyGLeFHQ&sigh=OrGhvHIbZN8&cmd=Ch1jYS12aWRlby1wdWItMzA5OTM1OTE2MjMxNzU4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSOwCNIrLM4ybIRSl8bTlvTdqTVbTKYiBEyw5Qc7WDIaxU3a2Qb5qPvD1wQEsdBFHuzWiITb6LzmL8Me5i&vt=10&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCm0IARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIAiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 9428 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvej89rs&c=864789314951&slotId=432394657475.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Z3zns3xKWDMwbC9aQ3pKWXZoS2ZYRkFnNllxWDBBa296a3MvdkdZTnJqWlp0UG9FOU90QmVEb3hmRG1zMXFmT1lRcnc0dE44UFhtbjl5YWtPeldRMHdza1VRZWFPSGJiUEltQkZmMlg2NGZSVTVrRUYrV3lTRU5Nc1B4UHlKTHN5WldvaWNuSVZSSURqY0M5dE5rR0NicFFVQjRlcHFrU1dZays5VkY0a3p6U01QeTNDaDhSc1k0ZDQ5OFVEc3hoc0xTcGJNaGhLQUhsY1c0L2x1eWx2bnNKSUJQVTZ4Rzl3ZXZ5TUMvM0pBS1pvUllmaU9VbkNzTXBXd1pRUXk3UzFmZWtPNVFsUDJodm9VMDNhNjRXVU1nWDhMUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2457
date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
gzip
vary
Accept-Encoding
10354814.mp4
s1.adform.net/Banners/Elements/Files/2071536/ 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2071536/10354814.mp4?bv=0&ADFAssetID=10354814
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3ab2a68924f0981a376139bd3af6bca628c74cdbfcecd0721d0805aeadde786c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://thesource.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
last-modified
Thu, 07 Oct 2021 13:12:00 GMT
server
nginx
access-control-allow-origin
*
etag
"615ef220-6b1c50"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Content-Range
bytes 0-7019599/7019600
cache-control
public, max-age=604800
content-type
video/mp4
Content-Length
7019600
v1
ads.yahoo.com/cms/ Frame B413
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVEJ884V-Q-254P&sigv=1&esig=2~8f0fb6e6809438a12c66ebc833dd46557f86d8a9&gdpr=1
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVEJ884V-Q-254P&sigv=1&esig=2~8f0fb6e6809438a12c66ebc833dd46557f86d8a9&gdpr=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVEJ884V-Q-254P&sigv=1&esig=2~8f0fb6e6809438a12c66ebc833dd46557f86d8a9&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B413
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZFSjg4NFYtUS0yNTRQ&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZFSjg4NFYtUS0yNTRQ&gdpr=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZFSjg4NFYtUS0yNTRQ&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B413
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d123617d-ebf7-4000-b9de-123c9cbe399a&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d123617d-ebf7-4000-b9de-123c9cbe399a&expires=28
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d123617d-ebf7-4000-b9de-123c9cbe399a&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 01:05:59 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame B413 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame B413
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/lsf1dGlDeogfXiJ8H-1NyQ?csrc=&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2711708518973686868
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2711708518973686868
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Sun, 31 Oct 2021 01:06:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2711708518973686868
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame B413
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&_test=YX3r_AAA5aMF6wAz
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YX3r_AAA5aMF6wAz&gdpr=1&_test=YX3r_AAA5aMF6wAz
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YX3r_AAA5aMF6wAz&gdpr=1&_test=YX3r_AAA5aMF6wAz
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635642361.567393,VS0,VE0
x-served-by
cache-fra19121-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YX3r_AAA5aMF6wAz&gdpr=1&_test=YX3r_AAA5aMF6wAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B413
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUxNzYyYjRhZDhmY2ZkM2MzODQzNjAxYzI2OTY0MGEwOTYwNWQ0OQ&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUxNzYyYjRhZDhmY2ZkM2MzODQzNjAxYzI2OTY0MGEwOTYwNWQ0OQ&gdpr=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUxNzYyYjRhZDhmY2ZkM2MzODQzNjAxYzI2OTY0MGEwOTYwNWQ0OQ&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame B413 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
envelope
api.rlcdn.com/api/identity/ 		44 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAlOTxlJaN0YT0jJat9NTYmJax9MmE3JaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTM2LwI0Ml4kOTthODMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTUhMC40NwM4LwU0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTqxZWJzNwJyODVvJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmU2NDImNwA0MwIzqWyxPVNyn2yhZG9TUGkurWVlNwE3ZGVvZwYmODBzNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ0nGVmo3VlY2UhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B397 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

content-type
image/png
date
Sun, 31 Oct 2021 01:06:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8C69 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 31 Oct 2021 01:06:00 GMT
Age
71946
X-Served-By
cache-lga21933-LGA, cache-fra19123-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 471066
X-Timer
S1635642360.455344,VS0,VE0
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 236A 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pd
eu-u.openx.net/w/1.0/ Frame 7AD7 		668 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
1bf472444186929fb9d5bc745df0194b9210e28d3d17c701e323f62d3b32fb9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.217.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 31 Oct 2021 01:06:00 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame 311F
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
eb39886354c41adda1fa662de966a115856e86f4db9517f664b5210eb260cf33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-type
text/html; charset=utf-8
content-length
465
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sun, 31 Oct 2021 01:06:00 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 9217 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635642356863
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1C9E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=25516
expires
Sun, 31 Oct 2021 08:11:16 GMT
date
Sun, 31 Oct 2021 01:06:00 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2D51 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Oct 2021 01:06:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 5367 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6a68fa70fb1942db-FRA
ixmatch.html
js-sec.indexww.com/um/ Frame 5F97 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 31 Oct 2021 01:06:00 GMT
Connection
keep-alive
ibs:dpid=463291&dpuuid=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=8d8ca382-7215-454c-944d-db3fe055fb88&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=8d8ca382-7215-454c-944d-db3fe055fb88&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=3f76c14e-64a0-4258-9a06-77b23687f4f7&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEALrpJyyi7MqIeh3axMKPUY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1797836623355034328&opid=apx&ops=&utidl=tech:goo:CAESEALrpJyyi7MqIeh3axMKPUY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21933300780&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=6d01eb616b58e63cfef3ea1d0062d0ba&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=87c25a2a-f804-429f-91ad-a99abb86e6ad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=87c25a2a-f804-429f-91ad-a99abb86e6ad&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemed...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
x.bidswitch.net/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1797836623355034328
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1797836623355034328
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
778df250-6250-4d51-af51-2edca9dfc203
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1797836623355034328
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8C69 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6236d27d-0a35-4a18-9cf1-8f0a2dd24587
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2D51 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6a6eff7272461a487603a4b3dec6e9a690a86f10f520312f2d51ab12cf15aaa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 15:56:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46874
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9396
Expires
Sun, 31 Oct 2021 14:07:14 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7AD7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d123617d-ebf7-4000-b9de-123c9cbe399a
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d123617d-ebf7-4000-b9de-123c9cbe399a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Protocol
H2
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d123617d-ebf7-4000-b9de-123c9cbe399a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 01:05:59 GMT
sd
us-u.openx.net/w/1.0/ Frame 7AD7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k33lWsAutAqIeuEHxin_CJR061-IdeEGlHosDbpp
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k33lWsAutAqIeuEHxin_CJR061-IdeEGlHosDbpp
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Protocol
H2
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k33lWsAutAqIeuEHxin_CJR061-IdeEGlHosDbpp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7AD7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5648159648007441509
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5648159648007441509
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Protocol
H2
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5648159648007441509
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7AD7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=afa2bba6-519b-3f6f-4d5f-85ae0a737d56&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7AD7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODNjZDY4NmMtOThlYy02MWNiLTU4YmYtZGYxN2MwOTFiMzM2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7AD7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOgZoLFPrQ6BpTDbyuG7Gls&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOgZoLFPrQ6BpTDbyuG7Gls&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c0fb1dc9-c452-445e-87f1-f9e9fd9d4c24&gdpr=1
Protocol
H2
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOgZoLFPrQ6BpTDbyuG7Gls&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 311F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 311F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL8E57WwqnVUtYlaeuswlVk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL8E57WwqnVUtYlaeuswlVk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL8E57WwqnVUtYlaeuswlVk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 311F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyODAxOTI5NTk5NDUxMTQyNTg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyODAxOTI5NTk5NDUxMTQyNTg%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyODAxOTI5NTk5NDUxMTQyNTg%3D
date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 311F 		0
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=14280192959945114258&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:01 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
QEoJsg/4shbwZYwxZCsAAA==
xuid
eb2.3lift.com/ Frame 311F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14280192959945114258?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-A3uyTqZE2oR9PlA7NOpk16GTqki8xvepJD5kAOIOHQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-A3uyTqZE2oR9PlA7NOpk16GTqki8xvepJD5kAOIOHQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 31 Oct 2021 01:06:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-A3uyTqZE2oR9PlA7NOpk16GTqki8xvepJD5kAOIOHQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 311F 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=14280192959945114258&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 311F 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=14280192959945114258&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AD6363C4B4834A75AF998D655850F08D Ref B: FRAEDGE1319 Ref C: 2021-10-31T01:06:00Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 311F
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14280192959945114258
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14280192959945114258&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14280192959945114258&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BSXJYFV6248DMNE4NW1D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14280192959945114258&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 311F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 311F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8412288169538698134&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8412288169538698134&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8412288169538698134&dongle=d407
pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatch
ssum-sec.casalemedia.com/ Frame CAC0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
49ee2cdd5b680bb2d61d658a50f6accd669d7bafc2974d958685e7c486ca7558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|88|230|241|111|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1651
Expires
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Connection
keep-alive
YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CAC0 		43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:6f35:8046:ae1a:688f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame CAC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame CAC0 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame CAC0 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1635642361.578735,VS0,VE93
x-served-by
cache-fra19121-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
usermatchredir
ssum-sec.casalemedia.com/ Frame CAC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 01:06:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEItwgb9fn5UACIyiYnXiotY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CAC0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M5BQMH1A5Y1M64JTNCTV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JHRAKW7D9X8FZKTJGK0S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX3r9sc2gUbpCPEsKJuTXAAABJwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame CAC0 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
index
dmp.brand-display.com/cm/api/ Frame CAC0 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
last-modified
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sun, 31 Oct 2021 01:06:01 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame CAC0 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YX3r9sc2gUbpCPEsKJuTXAAA%261180
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 01:06:00 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3122
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 01:58:02 GMT
csi
csi.gstatic.com/ Frame 2E55 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvej8ahh&c=864789314951&slotId=432394657475.5&qqid=CMfW2M668_MCFfXFuwgdZRQNnA&gqid=9-t9YbO9MJHQ7_UP9M6e-Ac&fb=ima_html5-lima&sdkv=h.3.486.2&mrd=4&aab=0&itv=1&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&br=3733&mt=video%2Fmp4&vs=1920x1080&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8pzL-Ot9YcGBDKSZlQeK15f4Ctiyp4pGAAAAEAEg1eS1HTgBWKeZzLqDBGCVgoCAwAeyAQ10aGVzb3VyY2UuY29tugEKNzI4eDkwX3htbMgBBdoBFmh0dHBzOi8vdGhlc291cmNlLmNvbS-YAujhAcACAuACAOoCHTE2OTE2MjQ1L0RGUEF1ZGllbmNlRXh0ZW5zaW9u-AKB0h6QA4wGmAPgA6gDAdAEkE7gBAHSBQYQpPij0BWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=qEk-nLWGJC4&label=video_ad_loaded&acvw=&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCm0IARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIAiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=video_ad_loaded&acvw=&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCm0IARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIAiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2E55 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 28 Oct 2022 09:19:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E55 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2E55 		0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdpP44RDGMR7wOsM2q7-rZCZdC9NWBLIdXOm9l0aeCZAatTPsT_f65epJW0qUmCcH2Fd-6A5O2IiS-Hy0wBol_ua8bOpIrSQTlPTPU76rHflSoPEwPerDKjzex0pK29vOQuTpJhZqCra4FEZIiQQHXyNzWbGyV3J1LGRnos68aaLmUKXT4rCnkh_SMySBswdavVUmDXozQIxatP4YYbnHKM3rifSynxZTCUOvtQ8pAzJWrabSRgR_wq4Z_E47UhmUpuF1ubTPOt3eDzDOASCrlhgd3evsm_wbsA86xUhNi5WcoXsLBTx0C8_sDDwyPa1WOmg51DWwE4ptkpva1yMA9-QBpL0F_gTcSZ0J74GQU96s30uRZmdR1Xja4D8U9aL7lUOPDyYY0nEsfiei26Cq3qCJg_kgicuLwoFhvlRUpMNmlzRhIfaAFaTkTNU3lzCyFHU1ttiMP0cHMekqNSHP-rzRcNuvLhfO8fb4CMt58eMX6UkwLgF0NaZAf2Wk_nOQUwSEEVry28-mtziFR4-3Xj0IdcZNTPgI_4c89bqQNOWhIVF3eb8WO97gj12LGCj4XYGSxMWPL9yNAylJle7ggHnGSMQyULF4NVoFfOX2qiCVJ-YkZl2PM9vN5kTx2cNFjbbOfhXIWcU4Ke5VjDK-zM4gJIWjnsJ64T4yBVWowZpr9Ty2AWWoXdQeVo7AcnyU7R6CNQgzI9AGzt9guBRlB-9fGGU6xagGu-N_ygrZgA21toziuRXva5N5SEkrsayPtTAbtIPPJHuhg6RfIYOrG0hyXYnFJG21jQXpB1H6DA3ZmVQoqapaWDnrADHGJTHnTSsNvaqArPyk5Lfm2DUpM4l-5mjK88bZ3I4TBTshcsFBMiyfPP14X7aiFLPODcQw4uSDJQFu7jM2OSIT7W0bYbrdGXVbCYNymxw5OShKR7yJvwrXcxpFuBypo-yZxJYDH18m6AQzDjI1JHq7mwEAg2IkjiroCvjhQ1wFNgFYBV1TDA89g5lQYpfLNn5mBKW8myv_-CZSn3jxATKrcqy4_3HfSwX2n8POwxBNckiutGXyhjrf5LSL8di9eWgEvKKmb5OmyZMGIOZeHVFYbNsoU9ZoPOt2p0FRozOn_bMBVURwz1TQejxDRlLPoQkcMnCznycltucgpGvhL9uCgxdrA_xBN4Ui6smYvbsA&sai=AMfl-YRt1lFPjMJDJMYc4laboxiWp8ap4ZiKaiAHU7nvHIVebbexvnLksdtIGtB_oqBDZIHhbjHhcy1ADLN7XfV8eTnMuTXFNyJiDjGy98GX70Qn37P7wvziwTpQY91tRjD0WZZa_19laIRW7cqVTRV227I_vBzBFg&sig=Cg0ArKJSzDEdZzoBPlJnEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.486.2&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 31 Oct 2021 01:06:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2E55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIrXJhCXgLsBGISj-LYBIAEwAQ&v=APEucNWGqb9nKyUeqAA3saeFwsNDLLT5NuxXyz_yCfDtvwObg5Yr01fTtKjGZa-H5AAr4ZBUWKvH7FqnevKSFkiy7dPIS5STwg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 2E55 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2RunNKvzkG-5nsH2NozoLy_sA2fklP9eYMzPOmjGpINy59Rzmeb1ELkbx5VTMjOdmvnjv9Mg6sf-JeWItR0BIgKj7q68vCJ0RuwrD9HJxhCsgmPxCpd_VY14BP-S9TipuNLmVVJ2mYf2K8zadjiuJEknv4R2k6X6-P5f_hgc-Qvu2eVkURCgNRRIyctnZrXnA_xWshRlONveHivo4a_EGkVAqGQahoLOKp1TC5TFCE1RISBcgpUX_VhdrPkeZYR75dqrFRG3sPff4gAGUqFiP0TgkEdDSDGLAUU-is4p_kLkcjVtuTJFD8Ju70tiIVw6Dmw&sig=Cg0ArKJSzAgOoXc5hhOrEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.486.2&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
a1.adform.net/videoad/impr/ Frame 2E55 		35 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/videoad/impr/?bn=50039133;rotseqno=1;smid=0;1x1inv=1;srctype=3;unloadid=6028354053768634370;idata=ebnL7rbF0U9csfRCEfrx9_EHH9FMkQEndeNWdFlBN9B-LKi7wx-77xipfFosOKP-ibefJffheCY1;videoserverside=0;videoip=-1;videoua=-1;ord=612220
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
a1.adform.net/videoad/event/ Frame 2E55 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/videoad/event/?bn=50039133&event=40&time=0&banner=48654747&imprid=6028354053768634370&rnd=612220&icid=5648159648007441509&icidt=637712391603070453&eData=pmJiQk-IX2c5oYRkwyATgWX_-JYZSXaNYaJU2uM20NmBsOd57IDzcvtbIpYQ83AToXq7oFeVTRRo4kOyoBiwbg2&videoserverside=0&videoip=-1&videoua=-1&
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8pzL-Ot9YcGBDKSZlQeK15f4Ctiyp4pGAAAAEAEg1eS1HTgBWKeZzLqDBGCVgoCAwAeyAQ10aGVzb3VyY2UuY29tugEKNzI4eDkwX3htbMgBBdoBFmh0dHBzOi8vdGhlc291cmNlLmNvbS-YAujhAcACAuACAOoCHTE2OTE2MjQ1L0RGUEF1ZGllbmNlRXh0ZW5zaW9u-AKB0h6QA4wGmAPgA6gDAdAEkE7gBAHSBQYQpPij0BWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=qEk-nLWGJC4&label=vast_creativeview&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360631%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=vast_creativeview&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360631%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E55 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTc9Pl5PNF4nDpvX8KW_Kf3MX9L0RL2s_kS_0sVLS5UPG4i_zD6sp6CfDmafwJloIQrP49ZWeNRRp5owKJfHa8RTVkFRlhYtZNMUCQToh9u46oCovY&sig=Cg0ArKJSzN3-WW2ZAeddEAE&id=lidarv&acvw=sv%3D904%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360633%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364&avm=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 2E55 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360633%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY9lUhzddRfHvrjcN7W0hGve-MYBXMloPCtJ1TnI5nuvSsShdltbibk_lbU7sHD65uhpJBdcJsNbFlHPg0NObl4sRozb8cC0KRO8er&sai=AMfl-YTuoJ2Bh9M0n_umx6Xt0Iwy1gpjNys2I9ars0aWroN6RwbLBBEiKzf8fPoHy9teJj2DTwso5li_R27o2iI7W6EzWeXl0Mwyz3EYwQDJNVvG7wHX3iAsfX25G0E&sig=Cg0ArKJSzKkurDEtIXGhEAE&cid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g&id=lidarv&acvw=sv%3D904%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360633%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364&avm=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/videoad/event/ Frame 2E55 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/videoad/event/?bn=50039133&event=25&time=0&banner=48654747&imprid=6028354053768634370&rnd=612220&icid=5648159648007441509&icidt=637712391603070453&eData=pmJiQk-IX2c5oYRkwyATgWX_-JYZSXaNYaJU2uM20NmBsOd57IDzcvtbIpYQ83AToXq7oFeVTRRo4kOyoBiwbg2&videoserverside=0&videoip=-1&videoua=-1&
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
prime
b60.s79.research.de.com/bb-mx/ Frame 2E55
Redirect Chain
  • https://s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1...
  • https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size...
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=1&dur=0&swf=0&tm=1&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
188.40.110.203 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h544.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 01:05:59 GMT

Redirect headers

Location
https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=1&dur=0&swf=0&tm=1&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Date
Sun, 31 Oct 2021 01:06:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8pzL-Ot9YcGBDKSZlQeK15f4Ctiyp4pGAAAAEAEg1eS1HTgBWKeZzLqDBGCVgoCAwAeyAQ10aGVzb3VyY2UuY29tugEKNzI4eDkwX3htbMgBBdoBFmh0dHBzOi8vdGhlc291cmNlLmNvbS-YAujhAcACAuACAOoCHTE2OTE2MjQ1L0RGUEF1ZGllbmNlRXh0ZW5zaW9u-AKB0h6QA4wGmAPgA6gDAdAEkE7gBAHSBQYQpPij0BWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=qEk-nLWGJC4&label=part2viewed&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360635%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 2E55 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360635%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364;dc_rfl=1,https%253A%252F%252Fthesource.com%252F%240;ecn1=1;etm1=0;eid1=11;
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=part2viewed&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360635%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/videoad/event/ Frame 2E55 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/videoad/event/?bn=50039133&event=34&time=0&banner=48654747&imprid=6028354053768634370&rnd=612220&icid=5648159648007441509&icidt=637712391603070453&eData=pmJiQk-IX2c5oYRkwyATgWX_-JYZSXaNYaJU2uM20NmBsOd57IDzcvtbIpYQ83AToXq7oFeVTRRo4kOyoBiwbg2&videoserverside=0&videoip=-1&videoua=-1&
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8pzL-Ot9YcGBDKSZlQeK15f4Ctiyp4pGAAAAEAEg1eS1HTgBWKeZzLqDBGCVgoCAwAeyAQ10aGVzb3VyY2UuY29tugEKNzI4eDkwX3htbMgBBdoBFmh0dHBzOi8vdGhlc291cmNlLmNvbS-YAujhAcACAuACAOoCHTE2OTE2MjQ1L0RGUEF1ZGllbmNlRXh0ZW5zaW9u-AKB0h6QA4wGmAPgA6gDAdAEkE7gBAHSBQYQpPij0BWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=qEk-nLWGJC4&label=admute&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D21%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D21%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D21%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360640%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 2E55 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D21%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D21%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D21%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360640%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364;ecn1=1;etm1=0;eid1=16;
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=admute&ad_mt=0&acvw=sv%3D904%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D-136,-2550,177,-1994%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D21%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D21%26pst%3D-1%26dur%3D15040%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D21%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1635642360640%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTAzp2VlqzVlVGygZT0kNwM1NwQlMmU4JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTM5OTYkMTpzrD01NTYzrT0mMTMzoXN0YT0kMmpmNDY1MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9VGuyU291pzNyX1BlnW1cp19EZXNeqG9jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmAlRDMmMmE1RwMjMmM3RDqCNmMmMTMmMmpmMmM0MmYmNTMjN0Q3QwQmMmUmNmqEN0I1MmY0NDp2ODZDNwMmMwM5MmE2MmZENEU2QmRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmUmNwMmN0Q3QwU5MmMmMTM3N0Q3QwY2MmE3RDqCNEMmNmM3MmpmMwqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0kMmYhMwQmLwE5OC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5NS4jLwQ2MmthNTQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkN2RyYzY2MzU4NWIzpaZhPTEmNwYjJzNioaRyoaRGnWkySWQ9MTt3Mwp2MSZgZWRcYVBfYXyMnXN0SWQ9NmA4MSZgZWRcYUkcp3RJZD0lNDY5NvZcp0V4Y2k1ZGVGpz9gT3B0PTAznXNDYWNbZWRCnWQ9MCZwo250ZW50TWF0Y2uUrXByPSZmp3BsYWRioT0zZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmNTY0MwM2MDY0NlZ1nWQ9U2VenW5xo1NQoGF5ZXI2MTqxZWJzNwM4MGY0JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTpzp2VlqzVlVGygZT0kNwM1NwQlMmU4JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTM5OTYkMTpzrD01NTYzrT0mMTMzoXN0YT0kMmpmNDY1MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9VGuyU291pzNyX1BlnW1cp19EZXNeqG9jJaVmZXJJpEFxZHI9MTM2LwI0Ml4kOTthODMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTUhMC40NwM4LwU0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTqxZWJzNwJyODVvJaJ2ow0kMmY2MCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM1NwQlMmYjNwUkJaVcZD1TZWgcozRiU1BfYXyypwYkN2RyYzY2MmtjZwQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGqGuyp291pzNyLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
odr.mookie1.com/t/v2/ Frame 8B57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=87c25a2a-f804-429f-91ad-a99abb86e6ad&ssp=admatic&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=87c25a2a-f804-429f-91ad-a99abb86e6ad&ssp=admatic&gdpr=&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=87c25a2a-f804-429f-91ad-a99abb86e6ad&ssp=admatic&gdpr=&gdpr_consent=
Date
Sun, 31 Oct 2021 01:06:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 5EE6 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Fri, 29 Oct 2021 00:27:12 GMT
expires
Sat, 29 Oct 2022 00:27:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
175128
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
pagead2.googlesyndication.com/bg/ Frame 5EE6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 21:14:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
273100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13354
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 27 Oct 2022 21:14:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5EE6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.486.2&bgai=BCBY4-Ot9YaqzB8HZbfDLqyAAAAAAOAHgBAI&bg=!ysmlyY3NAAZzbWp4c207ACkAdvg8WnnM4vsw_N0lKiNSKntHLAxLIob3A9tq6mK2nHnEeexP9WTcLQIAAAB4UgAAAAtoAQcKABF-sBOtrKw2TvPwX4UlJ3ttcZkC2GYgNVsXNwiP59zC_Bo8LwirISUhmWdkR5RPWoKIxh0GmITX2hZ6rzGOolpx-Q9hWC66Hu3e-VfdTacvhTJ6fw6F2MksOP4fFmA6j6y3RlHtpY4KjyHZMYOf-ujIJ__VUJEXs-SpeDXPWhDYR-pTNcIjA8F3kX4a5bS2690xugHzc0KDNlh7NuiXVo7J_I4svoSZ_IpARyMfHNmMAxUVV5NC_U1sckhnuNlaL_B_ZCaevi4Dya3MRxQkXKbqiIyH0H8wEk6ZU0B_42dGx8o63lFZ9QTdsYY-D-eiPieDESE6NA3xhj9Ljnkifv2WRtj0rdQS9O4ACLHZw2myy6vN9NWxCft0ewdViZA633stF_lZNufitTgoOzlTpnhCIfzQYknhQdWXsDRmvZ5I6MQm-RIWK0xS-IYBDGUzRyF1LGHz6NOgZSzEwSg0c7qQI8wOyOiesGpfbteAUr6KXAiAEHnRsI0YIQJoTI9P063BriYXIuD2cho8Sg672vbKW4Pw5mJ7-Yjjxk42R4b9iXhf12j4tnugjTfQOKCKhnLZMdSabupRQVRZbloqgyz71wmOemRrdOBwqCAcZb1rSaA3p2dRaJ5g3puAx6zIDZaug5wmSsKKNL-PBgmTHEu-NlCgI5sIlHeyNXVakVyIH74RqRvgKkoB-MlgZhknwORuncA7WRfzjWWJvnsY7UPBhVP3WBmTUShW1AxnH5T9ZbwSTClnII1UWL6AzoGMCDhWmFsGfXZFHxu_00AsaWuYm5LmNDKfLTGKxl3ifkjCkJZ-FHHxAByI8IpqZWdX2rQ7_EtL-QKU_aCRp2CHhWLMzEYOwpIzFI31VmFnbHpwITHSbK6zdYFoL1P76EzftRNouq8cj_sBWFuoPgcytdkwx9iAhc6Kh80hkg-ShmzZgJ3aFPlsq0Sx3OXIWP7-Gt05htniTXWn0QsXR_lAVja2abGJaIXWPWlggrwi
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8929 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:01 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
16b28f78-335f-48f9-b21b-b6a85a53d1f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8C69 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:01 GMT
X-Proxy-Origin
136.243.198.83; 136.243.198.83; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
14970853-80c7-4b91-b1fa-b5256ec59536
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTEmJaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTEmOTx2MTE3Jat9NTU2Jax9MmEmJz1mqGE9MTM3MmQ2NTAzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow10nGVmo3VlY2UhY29gJaN1YxyxPXRbZXNiqXJwZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ2nWRsYXRcPVRbZVNiqXJwZV9QpzygnXNsRGVmn3RipCZ1p2VlSXBBZGRlPTEmNv4lNDMhMTx4LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx1LwAhNDYmOC41NCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwE3ZGVvZwYlZTt1YvZlqz49MTM2NwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzp3NjX2Fxo209JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmU2NDImNwI2NDtzqWyxPVNyn2yhZG9TUGkurWVlNwE3ZGVvZwYmODBzNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ0nGVmo3VlY2UhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTc9Pl5PNF4nDpvX8KW_Kf3MX9L0RL2s_kS_0sVLS5UPG4i_zD6sp6CfDmafwJloIQrP49ZWeNRRp5owKJfHa8RTVkFRlhYtZNMUCQToh9u46oCovY&sig=Cg0ArKJSzN3-WW2ZAeddEAE&id=lidarv&acvw=sv%3D904%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D645%26pst%3D423%26dur%3D15040%26vmtime%3D1927%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2207%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1635642362847%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 2E55 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D645%26pst%3D423%26dur%3D15040%26vmtime%3D1927%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2207%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1635642362847%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY9lUhzddRfHvrjcN7W0hGve-MYBXMloPCtJ1TnI5nuvSsShdltbibk_lbU7sHD65uhpJBdcJsNbFlHPg0NObl4sRozb8cC0KRO8er&sai=AMfl-YTuoJ2Bh9M0n_umx6Xt0Iwy1gpjNys2I9ars0aWroN6RwbLBBEiKzf8fPoHy9teJj2DTwso5li_R27o2iI7W6EzWeXl0Mwyz3EYwQDJNVvG7wHX3iAsfX25G0E&sig=Cg0ArKJSzKkurDEtIXGhEAE&cid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g&id=lidarv&acvw=sv%3D904%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D645%26pst%3D423%26dur%3D15040%26vmtime%3D1927%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2207%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1635642362847%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a1.adform.net/videoad/event/ Frame 2E55 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/videoad/event/?bn=50039133&event=26&time=0&banner=48654747&imprid=6028354053768634370&rnd=612220&icid=5648159648007441509&icidt=637712391603070453&eData=pmJiQk-IX2c5oYRkwyATgWX_-JYZSXaNYaJU2uM20NmBsOd57IDzcvtbIpYQ83AToXq7oFeVTRRo4kOyoBiwbg2&videoserverside=0&videoip=-1&videoua=-1&
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:04 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
prime
b60.s79.research.de.com/bb-mx/ Frame 2E55
Redirect Chain
  • https://s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1...
  • https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size...
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=25&swf=0&tm=53205&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
188.40.110.203 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h544.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:04 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 01:06:03 GMT

Redirect headers

Location
https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=25&swf=0&tm=53205&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Date
Sun, 31 Oct 2021 01:06:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8pzL-Ot9YcGBDKSZlQeK15f4Ctiyp4pGAAAAEAEg1eS1HTgBWKeZzLqDBGCVgoCAwAeyAQ10aGVzb3VyY2UuY29tugEKNzI4eDkwX3htbMgBBdoBFmh0dHBzOi8vdGhlc291cmNlLmNvbS-YAujhAcACAuACAOoCHTE2OTE2MjQ1L0RGUEF1ZGllbmNlRXh0ZW5zaW9u-AKB0h6QA4wGmAPgA6gDAdAEkE7gBAHSBQYQpPij0BWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=qEk-nLWGJC4&label=videoplaytime25&ad_mt=3927&acvw=sv%3D904%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D3768,0,0,0,0%26mtos%3D3768,3768,3768,3768,3768%26amtos%3D0,0,0,0,0%26mcvt%3D3768%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3990%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D845%26pst%3D423%26dur%3D15040%26vmtime%3D3927%26dtos%3D1762%26dtoss%3D2%26dvs%3D1762%26dfvs%3D1762%26dvpt%3D1762%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3768,3768,3768,3768,3768%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1635642364608%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3768&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 2E55 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D3768,0,0,0,0%26mtos%3D3768,3768,3768,3768,3768%26amtos%3D0,0,0,0,0%26mcvt%3D3768%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3990%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D845%26pst%3D423%26dur%3D15040%26vmtime%3D3927%26dtos%3D1762%26dtoss%3D2%26dvs%3D1762%26dfvs%3D1762%26dvpt%3D1762%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3768,3768,3768,3768,3768%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1635642364608%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3768;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364;ecn1=1;etm1=0;eid1=960584;
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=videoplaytime25&ad_mt=3927&acvw=sv%3D904%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D3768,0,0,0,0%26mtos%3D3768,3768,3768,3768,3768%26amtos%3D0,0,0,0,0%26mcvt%3D3768%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3990%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D845%26pst%3D423%26dur%3D15040%26vmtime%3D3927%26dtos%3D1762%26dtoss%3D2%26dvs%3D1762%26dfvs%3D1762%26dvpt%3D1762%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3768,3768,3768,3768,3768%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D19,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1635642364608%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3768&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
ads3.admatic.com.tr/ Frame 8B57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=87c25a2a-f804-429f-91ad-a99abb86e6ad
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=87c25a2a-f804-429f-91ad-a99abb86e6ad
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=19ab0e4e-3412-4418-983a-1e2a467ef4f5&ssp=admatic&expires=30&user_group=5&bsw_param=87c25a2a-f804-429f-91ad-a99abb86e6ad
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=87c25a2a-f804-429f-91ad-a99abb86e6ad&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=87c25a2a-f804-429f-91ad-a99abb86e6ad&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=87c25a2a-f804-429f-91ad-a99abb86e6ad&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:06:05 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 01:06:05 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=87c25a2a-f804-429f-91ad-a99abb86e6ad&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAlOTxlJaN0YT0jJat9NTYmJax9MmE3JaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTM2LwI0Ml4kOTthODMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTUhMC40NwM4LwU0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTqxZWJzNwJyODVvJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmNTY0MwM2NwM5NCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MTqxZWJzNwM4MGY0JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTYmNTY0MwM1OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAlOTxlJaN0YT0jJat9NTYmJax9MmE3JaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTM2LwI0Ml4kOTthODMzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTUhMC40NwM4LwU0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MTqxZWJzNwJyODVvJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmNTY0MwM2NwQlMSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MTqxZWJzNwM4MGY0JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.205 -, , ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
/
a1.adform.net/videoad/event/ Frame 2E55 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.adform.net/videoad/event/?bn=50039133&event=27&time=0&banner=48654747&imprid=6028354053768634370&rnd=612220&icid=5648159648007441509&icidt=637712391603070453&eData=pmJiQk-IX2c5oYRkwyATgWX_-JYZSXaNYaJU2uM20NmBsOd57IDzcvtbIpYQ83AToXq7oFeVTRRo4kOyoBiwbg2&videoserverside=0&videoip=-1&videoua=-1&
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:08 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
prime
b60.s79.research.de.com/bb-mx/ Frame 2E55
Redirect Chain
  • https://s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1...
  • https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size...
43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=50&swf=0&tm=51561&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Server
188.40.110.203 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h544.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 01:06:08 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 01:06:07 GMT

Redirect headers

Location
https://b60.s79.research.de.com/bb-mx/prime?pjid=914466&adv=Intern_Mindshare_mindshare-pkkv&cpid=2481923&apb=1833178&apa=Adgapid_025_800160_10011343_016_0_0_2&place=8172829&cid=50039133&site=0&size=1x1&sek=20&mod=13&dur=50&swf=0&tm=51561&gdpr=&gdpr_consent=&fcref=https%3A%2F%2Fimasdk.googleapis.com%2F
Date
Sun, 31 Oct 2021 01:06:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8pzL-Ot9YcGBDKSZlQeK15f4Ctiyp4pGAAAAEAEg1eS1HTgBWKeZzLqDBGCVgoCAwAeyAQ10aGVzb3VyY2UuY29tugEKNzI4eDkwX3htbMgBBdoBFmh0dHBzOi8vdGhlc291cmNlLmNvbS-YAujhAcACAuACAOoCHTE2OTE2MjQ1L0RGUEF1ZGllbmNlRXh0ZW5zaW9u-AKB0h6QA4wGmAPgA6gDAdAEkE7gBAHSBQYQpPij0BWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=qEk-nLWGJC4&label=videoplaytime50&ad_mt=7677&acvw=sv%3D904%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D7518,0,0,0,0%26mtos%3D7518,7518,7518,7518,7518%26amtos%3D0,0,0,0,0%26mcvt%3D7518%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7740%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1646%26pst%3D423%26dur%3D15040%26vmtime%3D7677%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D38,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483393%26psv%3D255%26psfv%3D255%26psa%3D0%26ptlt%3D1635642368359%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7518&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 2E55 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqo_rzrrz8wIVwWwbCh3w5QoEEAAYACDSi_pLOhoI0YqEhgEQsNO1yfIDGJq2y94DIN6MzqbiDkITCMfW2M668_MCFfXFuwgdZRQNnA;dc_rmcid=CAASEuRoZ4SSZg3ncqWfshZZFEV78g;eps=CIDhgBAQARgd;met=1;acvw=sv%3D904%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D7518,0,0,0,0%26mtos%3D7518,7518,7518,7518,7518%26amtos%3D0,0,0,0,0%26mcvt%3D7518%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7740%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1646%26pst%3D423%26dur%3D15040%26vmtime%3D7677%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D38,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483393%26psv%3D255%26psfv%3D255%26psa%3D0%26ptlt%3D1635642368359%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7518;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364;ecn1=1;etm1=0;eid1=18;
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2E55 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXjYM9-t9YYf_MfWL7_UP5ai04AmayrvXZd6MzqbiDsiAlZhDEAEgvb2feGCVgoCAwAfIAQWpAi6C9C-RZbM-qAMByAMTmAQAqgTsAU_Q7JjU3Pv_lj3_mnDwUpGkVJI7AceABD67QsyU9DjMlNNicpdVJzwStTuTA9otyrz2UyIlY8Wz14za_yr2ZUzSC-JZdLDUoCquvwpNr-Hl6aZTKTKEWvNONXy_GbmGdfK3HPJv4jJg2dzRNhqBqbiKylEFcsrlhW1Pr64ANostdffJaJ-D22D0BiTxbXdtx-V0_0Qi6lA2q8z9MPnF3YvV02fdmBQpPZQpeWZYO7B9QzNHyQRvNrKN0Eztxq44fSduO4EoeaW1brQ28EH8giiW8YDCshJLWNiTUHRAa9ym76GmgAwS6EHKPCC7wASw07XJ8gPgBAOQBgGgBnmAB4Gp5oUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTk0OTE0MzQzODQ3MDMxN4AKA8gLAeALAYAMAbATvPCFDcgTmrbL3gPQEwDYEwqIFAHYFAHQFQGAFwE&sigh=X1fAnQZiDNs&label=videoplaytime50&ad_mt=7677&acvw=sv%3D904%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D20,450,333,1006%26tos%3D7518,0,0,0,0%26mtos%3D7518,7518,7518,7518,7518%26amtos%3D0,0,0,0,0%26mcvt%3D7518%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7740%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1646%26pst%3D423%26dur%3D15040%26vmtime%3D7677%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D863%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D38,0,0,0,0%26avms%3Dexc%26qi%3D352635464%26psm%3D-2147483393%26psv%3D255%26psfv%3D255%26psa%3D0%26ptlt%3D1635642368359%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7518&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.09%26t%3D1635642360364&sdkv=h.3.486.2&vci=CkIIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTExMjAwNTM2NjJAiQIKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDg5NTAyMjEyCTE1OTI4NjczOEBcCkAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDU1MDU1NzIyDDEzODM2NzE0MzA3OUBNCnAIARINYTEuYWRmb3JtLm5ldBoGQWRmb3JtIAQqJDBiZmUzZmZiLTRmOTQtNDgyYy1iNmI4LTAxYTZiMGYwNGQ3MTIGMDAwMDAxQF5SIwiVHRAPJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkj5AVAAGAE.
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 01:06:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=rLBFhaTYqF90bHBlgOyS&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=f98fd327af1b463bb7d085920b89edde
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=sTWlcWD8_kFvs9dcF9TcToQ1oIYw_u6Tf0t3l-85s7BzbdwpfHUiViW4vsRoBAbvAhLFaih-6ZbgZNAbRWr4Dg
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| apstag number| adsStart function| detectWidth function| detectPage number| FAILSAFE_TIMEOUT object| _requestManager object| googletag object| pbjs boolean| tempTag function| invokeVideoPlayer object| adUnits object| a9Slots boolean| a9BidsBack number| tableBreakSize number| mobileBreakSize string| device string| pageType string| dfpNetwork object| mappingLeaderboard object| mappingMRU object| mapping320x50 object| mapping300x50 object| mappingMulti number| len function| biddersBack function| sendAdserverRequest function| requestHeaderBids object| ggeac object| google_js_reporting_queue object| google_tag_manager object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| monsterinsights_frontend undefined| $ function| jQuery object| VPData function| documentInitOneSignal function| OneSignal object| _comscore object| displayOnDevices object| displayOnPages object| FB object| _qevents object| cbfc_strings object| wpcf7 object| cbExt object| cbScripts object| Wppsac function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery object| ai_front function| b64e function| b64d number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_run_753598400660 boolean| ai_js_code function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE boolean| apstagLOADED function| MonsterInsights object| MonsterInsightsObject object| html5 object| Modernizr function| yepnope function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| twemoji object| wp function| Typed function| cbfc_final_countdown_box_size function| cbfc_box_size function| cbfc_run object| Kinetic object| exports function| retinajs object| twttr function| tabberObj function| tabberAutomatic function| tabberAutomaticOnLoad function| EventEmitter object| eventie function| imagesLoaded undefined| cbYTPlayerHolder object| CbYTPlayer string| cbYouTubeVideoID undefined| tag undefined| firstScriptTag function| onYouTubeIframeAPIReady function| wppsac_post_slider_init function| wppsac_post_carousel_slider_init function| ai_document_write string| selector_string function| ai_process_lists number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| __twttrll object| __twttr function| pbjsChunk object| _pbjsGlobals object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent606 boolean| sekindoFlowingPlayerOn number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| freewheelssp_cache number| google_global_correlator object| closure_lm_381898 function| arrive function| unbindArrive function| leave function| unbindLeave

102 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQqYWHn80vCgoI4gEQqYWHn80vCgoI5gEQqYWHn80vCgoIhwIQqYWHn80vCgkICRCphYefzS8KCQg6EKmFh5_NLwoJCAsQqYWHn80vCgoIjAIQqYWHn80vCgoIzgEQqYWHn80vCgkIXxCphYefzS8=
thesource.com/ Name: PHPSESSID
Value: 01571f48e50c44b404fa96cebc9d4753
.thesource.com/ Name: _ga
Value: GA1.2.26038121.1635642356
.thesource.com/ Name: _gid
Value: GA1.2.1863689432.1635642356
.scorecardresearch.com/ Name: UID
Value: 13HCW4HQWHUWO1GSJHQGFLg1635642356
.thesource.com/ Name: _gat_gtag_UA_63798235_1
Value: 1
.thesource.com/ Name: _dc_gtm_UA-63798235-1
Value: 1
.quantserve.com/ Name: mc
Value: 617debf4-639ce-6189a-93816
.thesource.com/ Name: __qca
Value: P0-1493024277-1635642356388
thesource.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: 7c0e84ff-f81c-0098-1789-4d466e544eab|1635642356
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlMo5FOs8RutYC8PKjsHgJevEtn_Pue_yFLzJQJWLko_E4tTAe96fqnK8lLW_nUGpZWyMc6vHbmtmWfw5_eNN_JKXEVwFRTn_Xc
.gumgum.com/ Name: vst
Value: e_3d6b09b6-c176-48e6-976b-486e5a6e31d3
.adnxs.com/ Name: icu
Value: ChgI7MpCEAoYASABKAEw9Nf3iwY4AUABSAEQ9Nf3iwYYAA..
.adnxs.com/ Name: uuid2
Value: 1797836623355034328
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/ Name: khaos
Value: KVEJ884V-Q-254P
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bG2SmWtbUtDgOMH05QULE/jV/G9Z/GRzTwlMNVEfWi2yiNEQmLCFva7WVEdVTOS8p1ymPvo8pleP4s7PQmCKGhZbrF2mGERI4E=
.doubleclick.net/ Name: IDE
Value: AHWqTUkIvOzW-G2q6dVCOS0uUop2KJ5Fumo7HqvFZcRU_WxKIf4H-1SW8z0wuO8iSaA
.casalemedia.com/ Name: CMID
Value: YX3r9sc2gUbpCPEsKJuTXAAA
.casalemedia.com/ Name: CMPS
Value: 5235
.casalemedia.com/ Name: CMPRO
Value: 1180
.spotxchange.com/ Name: audience
Value: b51d55dc-39e6-11ec-a7cf-1a3233820506
ads.us.e-planning.net/ Name: CT
Value: 1
.creativecdn.com/ Name: u
Value: rLBFhaTYqF90bHBlgOyS
.creativecdn.com/ Name: ts
Value: 1635642359
ads.stickyadstv.com/ Name: UID
Value: 3e85e1cacd50152a28e16abce2f30dd
.adscale.de/ Name: uu
Value: f98fd327af1b463bb7d085920b89edde
.ibillboard.com/ Name: ibbid
Value: BBID-01-03103563594690148-16434108
.mathtag.com/ Name: uuid
Value: d123617d-ebf7-4000-b9de-123c9cbe399a
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5648159648007441509
.criteo.com/ Name: uid
Value: 71014a8a-7415-4985-97df-9e0e38448b37
.adscale.de/ Name: cct
Value: 1635642360014
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1635642360223
.m6r.eu/ Name: id
Value: 481abcac45320921bb2bd04d8b1f53d8
ads.stickyadstv.com/ Name: sessionId
Value: 3d6aaa9becca8c1f1d7e5d8a196bd257
.ih.adscale.de/ Name: tu
Value: 4#1819094181#48~481abcac45320921bb2bd04d8b1f53d8~454345~0~0#101~BBID-01-03103563594690148-16434108~454345~0~0#39~d123617d-ebf7-4000-b9de-123c9cbe399a~454345~0~0#40~71014a8a-7415-4985-97df-9e0e38448b37~454345~0~0#42~5648159648007441509~454345~0~0#75~1797836623355034328~454345~0~0#108~d123617d-ebf7-4000-b9de-123c9cbe399a~454345~0~0#63~YX3r9sc2gUbpCPEsKJuTXAAA&1180~454345~0~0
.casalemedia.com/ Name: CMST
Value: YX3r9mF96-gA
.fwmrm.net/ Name: _uid
Value: "g070_7025030444152589491"
.thesource.com/ Name: __gads
Value: ID=33e95e3ecf3b2b61:T=1635642357:S=ALNI_Ma_qWJU42KUMJK67t0sUnkVnvpRXA
.adsrvr.org/ Name: TDID
Value: 42c67c7c-2551-47a2-b8b1-c646ec192f1f
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6d01eb616b58e63cfef3ea1d0062d0ba
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEsxMExNMjM0SzK1SDUzTk5LTTNOTTRMMTAwM0oxSEpkAILE2tc%2FQDQUAABwQAwf"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrH39A0hBAQAhZQLC"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: g070_7025030444152589491
ads.stickyadstv.com/ Name: MRM_UID
Value: g070_7025030444152589491
thesource.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2242c67c7c-2551-47a2-b8b1-c646ec192f1f%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-31T01%3A06%3A00%22%7D
thesource.com/ Name: pbjs-unifiedid_last
Value: Sun%2C%2031%20Oct%202021%2001%3A06%3A00%20GMT
.thesource.com/ Name: panoramaId_expiry
Value: 1636247160323
.thesource.com/ Name: _cc_id
Value: 6d01eb616b58e63cfef3ea1d0062d0ba
.thesource.com/ Name: panoramaId
Value: 15bd615e4a03ef443597128e1f0d4945a7024a214c2838afbac373257b29d4aa
thesource.com/ Name: _lr_retry_request
Value: true
thesource.com/ Name: _lr_env_src_ats
Value: false
.mathtag.com/ Name: mt_mop
Value: 9:1635642360
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESENIGlLGNuhu93XSEjbNonTA
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: a7851b3d-3c74-4f3f-80fd-0de0aa738b25#1635642360461#1
.id5-sync.com/ Name: callback
Value:
.bidswitch.net/ Name: tuuid
Value: 87c25a2a-f804-429f-91ad-a99abb86e6ad
.bidswitch.net/ Name: c
Value: 1635642360
.bidswitch.net/ Name: tuuid_lu
Value: 1635642360
.openx.net/ Name: pd
Value: v2|1635642360|gekin0vNiygu
.3lift.com/ Name: tluid
Value: 14280192959945114258
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjy8pbZqoWOOhAFOAFaCXN0aWNreWFkc2AC
thesource.com/ Name: cto_bundle
Value: TDtND193dXlUOHFpWG1vTUNrUFlRR2UlMkJURU9YbUJtJTJGTzd2bm96bHZWdFFxaVpUM3haa3ZFeTJXVGlGS0hUaFFsMVY4UlFxSzJtMDZVJTJGUUMlMkJXTTdTJTJGcW4xYllHd0hxNGp1MW0wS3QlMkZlZ1BkcVpucjQlMkJPUXZEZkhPZWpzT0IlMkZmRGhnN1k1bmlEY05ORHY1VzZpOTkxNU9MRDhRJTNEJTNE
thesource.com/ Name: cto_bidid
Value: d1rqT19MbWRyVTlXJTJCVWdsajFCa09lM0tHJTJGSVpzeDNwdllKbVNXbnRoeHpLTE9wT1pSZ2p6c0trc0dZNVhsaEdTcFU0OGt4QjI1S3RldnNQYXoyOFRSd21lYTFJcVMxNUNrYXl6UiUyQndZeFM1ZXgwVSUzRA
.quantserve.com/ Name: d
Value: EOABDAHOJIqsMA
ads.stickyadstv.com/ Name: uid-bp-892
Value: 42c67c7c-2551-47a2-b8b1-c646ec192f1f
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YX3r_AAA5aMF6wAz
.tapad.com/ Name: TapAd_TS
Value: 1635642360544
.tapad.com/ Name: TapAd_DID
Value: bab572c6-861f-44e9-b748-4e01662fcaf3
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.360yield.com/ Name: tuuid
Value: 8d8ca382-7215-454c-944d-db3fe055fb88
.360yield.com/ Name: tuuid_lu
Value: 1635642360
.yahoo.com/ Name: A3
Value: d=AQABBPjrfWECEJoq05bklHDQ3i-3_7tFjScFEgEBAQE9f2GHYQAAAAAA_eMAAA&S=AQAAAlKaYbpe25mVZwVd1Yyu1Y0
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 534d22b8-4c19-416b-9438-5016fdf12a1b
beacon.lynx.cognitivlabs.com/ Name: ss
Value: NeoqZntNeS6w9l404YnT3U4uS%2FTMU5ycaEIbhynVv0LxvzPC%2FfSAEQaELuQc4mpVd9NFg01yErFPvxMt8aFAMQ%3D%3D
ads.stickyadstv.com/ Name: uid-bp-951
Value: 1797836623355034328
.casalemedia.com/ Name: CMRUM3
Value: 33617debf805a0&27617debf80b40&f1617debf805a0&49617debf805a0&2e617debf805a0&b0617debf805a00&ce617debf805a0&08617debf82760534d22b8-4c19-416b-9438-5016fdf12a1b&2d617debf82760CAESEE8CytBrvPF18H4_x4NPbZk&bf617debf805a0&6f617debf805a0&58617debf805a0&82617debf8a8c0&e6617debf82760
.bing.com/ Name: MUID
Value: 216676723B0D6CBD090666933ADF6D90
.360yield.com/ Name: um
Value: !79,wE1pd7GpW6cvuRaKwTW9vBNlwhl19xC0ZXYHezdpQNdcVcmZXdhb5hejadJjH-hVtT3WOiYSTC2b1JVH,1643418360!313,wE1pd-GQWcyVn8dE2qowYvY0zx85lWnzQUsR27J.dWctSV3Sm3TNhH3fzD8gR8h5b0Jk.zrzy7LOI9id,1643418360
.360yield.com/ Name: umeh
Value: !79,0,1697850360,-1!313,0,1697850360,-1
.turn.com/ Name: uid
Value: 8412288169538698134
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4be1fcca-a8c4-4c03-8a3d-6d97e6bb76d0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzU2NDIzNjA7MjswMjGZPW+BMB5SOy+8OvpmwNPGLAJVMG0Sfk9yffMu2EhPmA==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2507:u=1:x=1:i=1635642361:t=1635728761:v=2:sig=AQE_uFIhptwQFOo7-k7huZ3_EGB4QvNu"
ads.avct.cloud/ Name: uuid
Value: 3f76c14e-64a0-4258-9a06-77b23687f4f7
.mediarithmics.com/ Name: mics_vid
Value: 21933300780
.mediarithmics.com/ Name: mics_uaid
Value: web:1:d659ef9e-bd07-48e2-84eb-87cd5ea44ee4
.mediarithmics.com/ Name: mics_lts
Value: 1635642361721
.id5-sync.com/ Name: 3pi
Value: 146#1635642361304#-1797225208|18#1635642361803#-234832272|19#1635642361896#-1752799335#6d01eb616b58e63cfef3ea1d0062d0ba|916#1635642360673#1797092545|441#1635642360479#48|124#1635642360758#1797092545

55 Console Messages

Source Level URL
Text
javascript warning URL: https://thesource.com/(Line 4454)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://thesource.com/(Line 4454)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://thesource.com/(Line 4454)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://live.primis.tech/live/liveView.php?s=102992&cbuster=2105319222, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://thesource.com/(Line 4454)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif?gdpr=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
deprecation warning
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOYGJ8wT-Ch21eG3X-Uwfp525acpra254xK5NACA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a1.adform.net
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yahoo.com
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
b60.s79.research.de.com
bbnaut.ibillboard.com
beacon.lynx.cognitivlabs.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn-images.mailchimp.com
cdn.admatic.com.tr
cdn.districtm.io
cdn.onesignal.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csync.loopme.me
dis.criteo.com
dmp.brand-display.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
exchange.postrelease.com
fa6e6050085c492614244ccd4c04ee84.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-thesource.s3.us-east-2.amazonaws.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
js-sec.indexww.com
js.adscale.de
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
odr.mookie1.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubads.g.doubleclick.net
px.ads.linkedin.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s0.2mdn.net
s1.adform.net
s79.research.de.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.console.adtarget.com.tr
sync.mathtag.com
sync.search.spotxchange.com
syndication.twitter.com
thesource.com
thesource2-d.openx.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
dpm.demdex.net
sync.console.adtarget.com.tr
104.16.190.66
104.244.42.8
13.248.245.213
13.32.99.90
141.95.3.10
142.250.184.194
142.250.186.98
142.251.5.156
147.75.38.124
151.101.193.108
151.101.194.49
154.57.158.49
162.55.6.211
169.197.150.7
172.217.16.130
172.217.23.98
178.250.0.157
178.250.2.151
18.156.195.47
18.194.61.148
18.195.105.17
18.66.127.89
185.167.96.211
185.29.134.248
185.33.220.240
185.33.221.87
185.33.223.217
185.64.189.112
185.64.190.78
185.94.180.126
188.132.147.227
188.40.110.203
192.124.249.167
194.146.38.205
194.213.62.37
2.21.111.28
2.21.142.210
2001:4860:4802:32::3
209.54.177.54
216.52.2.19
23.218.208.200
23.218.208.246
23.79.143.124
2600:9000:223c:ac00:6:44e3:f8c0:93a1
2600:9000:223f:6200:f:4f64:8940:93a1
2602:803:c002:200::52
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:e134
2606:4700::6812:e234
2620:112:f002:bbbb::21
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:800::200e
2a00:1450:4001:808::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9a
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d018:d29:3602:6f35:8046:ae1a:688f
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.126.56.137
34.120.133.55
34.197.208.127
34.204.254.218
34.98.67.61
35.156.28.35
35.211.85.235
35.227.248.159
35.241.40.233
35.244.159.8
35.244.174.68
37.157.2.248
37.157.3.30
37.157.4.40
37.157.4.41
46.249.52.248
50.31.142.63
51.89.9.253
52.16.214.249
52.19.22.209
52.208.210.171
52.219.98.106
52.222.210.175
52.223.40.198
52.86.210.192
54.93.135.255
69.173.144.138
69.173.144.165
72.251.244.140
78.46.46.18
89.187.169.47
003e18006967c2b2b328b2de10e72f33ccc2811f54f78fad79e056e0ad41500d
0060af55b40b80f184a0e97d6d426a78b4662c10830484105a91d1b10f94f3c1
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
00bcc95e057fdbf8afa5fa49ef756cc654084b619188c64f0249064b141b8ffb
0131c747444baa95b7ed4d911e5646fde99602be0b61638bf5eb569726663846
0285974cab4bcfd3b5d988c76243d60534d5232e37ed767a09aa883490ac9d16
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f7699bbe17a575f73f368f2281dce304d2e0057c4a73c5963bd70b44d82003
0511402af2a03e93171f7c1c5cfc0bffc7d4e7c10a049954804dcf1714c0eaee
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081ac47ebc414943049836ff8e1b06aceb20c1c27419aa8807f55f88e8dfa29b
0b105e772394ec65d339d16b14c4375a29e684361952c66a8cb65b48d2d188f0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f63aebd33fe2858a5adc1469a271140e176e701fad42c8db359c5e7e77aee59
10424daca90a3213938d84d8259098b2146af39aa01f3bdbee1d1b8f8d2f037c
10bdb30d7a4d2ef26efef92d2234fd4f2f20ffaa731066efa3fb591c311fbeb3
1198778c5f1ca6f8744178ab376cd8a11e2762ced950157042f3af6886417e3d
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
144dfc7f3c8315d272c4dc03429633b1b6766e898302f6ff059e7df0cf8c9021
145483c99459755d8fb23203ccbc857be7b98c87bf25b2d85803f88fde1911d9
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
159b2f1e2bf40f0d510b5173fddc8cf04ef3d0dcd1b59930b5ba5f638f241d14
168a872cd1fb2c534154ab4d0874a55dec36be2b7413b6fbca4e1c41986a371a
16a683a32dc725cf4b14e088c0091cad5dbf6163ff2fdf863bff55fdd395832f
19aa16dbbf9b2726e7d4cabb35388d7e3cdae04c8debb75db795a7b08368d584
1b4d9184b3010223e94829223441cd37e850f296f893982756a478a736b590a3
1bf472444186929fb9d5bc745df0194b9210e28d3d17c701e323f62d3b32fb9a
1c5e854ffb860ade7b6e01352612340dd82858360c56bec6af9e12acc924b538
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20a110f361ac6da37ab5bd5ec466ce406bf6e4e26afacb32d06ff85aea0aec2c
219646582b9878c19d3d5157f6776ce1ddfe967fc0618facb1dd9f9f4c375c1f
2259195eb1777a95ed2cf096f110800af53b0168aecd81673fb2a09802b0b364
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22d994a0c42f5a48362fd5eadac6762403c7addbd8e8b0d9025e067dff4679ae
2625382d95e280866378667c65993970def7182a834d1ed7422529d81a9c7a63
26e1a1ff525af06dbc26454eac5775fa1b39bb596bc9f4cef1dd6d97ab00c84f
28fc7d0015adadc29f8b9460570dbfeb4e9a4ab9566d9a1f91ea8b627e782d90
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a64f7ae28c4fd57a38d669d38d16c5b8e65dd27a3e7e492360eda99402378bf
2c95cc4a9f22bde75b987558e15ab8e9f1bc3f3ca67eb153ad273c38bf0d0bf6
2c9f2b3650188b8cbe189885b7670419be6df23ed3b63fdf87741443d0f6e27a
2e0bb38025e247364fd3be2e22e2439e553385542012209e76af9bc4250b11b4
2e36c6c5a29efb8da343da850a8197df6aeaffebd1f936bd4978616419cbdc4b
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2f0a2bb3afae151ec84e77031546e8e64126576f6ad0cb2d59305c9763001a7a
31197c647656a22836cab642095b18602ae852b7a291188d677a0b4eea5a35e8
32eb18e44992225dae7868495be9c5cd91eeddf19d4463d23524eb61d6a71c1a
341d60978be773324efc5675af22bf12fc60184826da150273899f267b4b00ac
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36218c48c775ce2e3ef1d45f01a879d4af029cc2aaa951aea6730fc9c51835a4
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3954c079cedc82e8ddac1125c3867f78b5ea5df0059c11e3f6834246f3b35b98
3ab2a68924f0981a376139bd3af6bca628c74cdbfcecd0721d0805aeadde786c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7594a1fd86143e012cd8f373b17d0db7377a7ef18ee8803233eb5c222dd32b
3f59107ac558e710b1f23fdd902ff71148f023ad12c480d4f26b35fea16f3f17
3fd86f0a731bea37e8103d348ad4a60885e81e9fde75ed5013f8ab458faaceb0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4316cb19092b33844173a54d8e0f5106a562446ad8375c0b8f057d7fe0782dcb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4439fc742b82f9cbec7e121338dc9478db865ad5c0d95c6ea0f311943f88d18d
465f48f07b60f99f39bb4c77f226e52689f26f370d652558754219b3702f1257
4685881799832c8a2dbf40b2e9db595e369f16020e7234b5aaf604244c5847f6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ee2cdd5b680bb2d61d658a50f6accd669d7bafc2974d958685e7c486ca7558
4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb
4b015095108fcc45a008b16388ac47c2beb6a2d56b757fa86163471d19e33161
4da93c4c460686e5b52aebf600360f6aa476d4953fd1194010f1918ad6907308
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e243bb5239106bc8d70d2507d95f55e905e88f5bb3cf019bcc71e2b105730ae
4ec8994755e6258ff36e86dba18c1b326baff91ca961960815c5e5376c442445
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5164bd05af39d3bfd75b96ecd577ea9e30ffd45f4249765dced7de4363559e3f
54095ffea20002f940af2ce79f119e9941dd28e4be51f66812e06d0ee9ba4235
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
55e832f18db6a78a05a4952a6047b2fd8eba9fe90050ab6b3ac862f88f48f727
561cee3ce7c56f84f342daeef6d3be53a01f09375f48f915b006779a62852dc2
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
59545507a40fa184e27f685a5448e2094a921c354e35ba46ca778ea64ac88944
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
65fde5fc0a0151d33bea0bfc69398048f6037da276705d396761015b31ccba84
66034fa72dc9b2c8f165fe3a62e998fa2d2d8bb7ea420b2d2f6a75f676d3573e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665de0a395fad95f633e4ce2b6340c1b1d5ef0384ace44bd97f3d0f2e489f265
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a6eff7272461a487603a4b3dec6e9a690a86f10f520312f2d51ab12cf15aaa8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5334b0af6f781d81198801f4f3e64484efef498bf4ababcb6ba38d5d1e7dc4
6c9cac9b30dca2e7eeb9e9690b1bf8fb56416ac5e03f7a85f47d99c4a31df50c
6ce3e020c5780b72d4a2aedd976cb668228ce2bb789c46dd46b19034f5504138
6d4e4309703bda0d8fb2d41a1f6a089996189a024f0f219f5f32086d52054b7d
6dbaf9de57d7a7e03f1ff9e5b124ec507f685a8d8f6a95adb6bea365d4820b4b
6f75979e904437304463f1515cba4cfd887f21239fc5a985a84c45a33378cb00
70856655dc5694a825c6bc9126f48e52fa3d0e3270604e64fc122076f9739451
71de7869bf749d2801e84c0b1c257a69558009c9799dfd5ad64875e754a2448e
720ec95d60006f7535e2c3307783d368e5eb8147c971bf818cfd2c431b41e65c
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72d43d4ff0adb982ce42d41ef08e5f88c1854e4c8ea6455771ace93761a067c4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751ec398a27a8bb89b445b6e65b3b3e14b51495f589cc19bafbf82379e2cbc2c
7638f024ec90f0dc877a4a0507d29c29392214ea97d6438cd07ac3949783883b
7960562d72b862a7531a70da1b1c0532451969084d429277c148c4ec4e8a46b8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79dc23697a4e2dbe616963984e4b344afbaa0ce0461fce7ddce32cd38595a138
7c000e1bbe3d84a70b062afb26a85fee789771b492d23c40c7be77a8cdaf84cf
7c686f822d5dd41c8b26d0e637926eec6fa9dad55311250292f8164fdaff5d14
7d736959634720b88a1f3eeaaef3f6f64c82913e39b96ce45eb408a1a37c3be8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7eff15bd438824a844232923429d12d6f712bcd3b96b187b81f4cc322049f753
7f677da7121af31d9967b282fe0b1a91b0b04158e376860bc0b78250af30efff
80d4bca766a8cec794630a9e75f8ee062e66987ba14284bb62c471ec22631c14
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87036c4e44dedfc1a3a30509c2e1d6be331eb51662462f6074239ef058ff1e74
88bf9334870a3a1908656ac6a75ef2271764490378380b71b8955099b6dedee0
8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8bb7282c105b0dabca2636d427a220ea825ae3c8e13fd0786a8b6c4c077233db
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
9085ca362d6d0358ed186ba3c7832868b039c9e613c5a00abf923b5adad3cda0
91533cb1c0d893f8c5f54b70cbc7f5c0520b6fdc8d609d4d2ac738001a125723
91937d656c2490512dc253c12ca1119bb6612654aff5cdf93d857db973fbc0bd
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
939ae035abd4e9e5db5cda5b64f9e291f0ca10127e9aacb48e1122606254d195
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
9850a0068005146edb3fb7acdf76b5e82649ea45ed0713bc080694882f2a40bf
98ffd2e9ead379b7984557941a347bcf03792ac13a60782f1df3fbafa2b8cfe6
9955ff5b4d6f476d52f790fc49c6fcdbe661b9d3b10497fad0647f1805041840
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bde834c9180505956402b7376a27f66509c5d4ec1fcc5f4376b7de5b2b028ac
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9c232bf6a9ee129f2099fd572ecf9cc3be37b7c7f6d5c80165b9a20136a102d0
9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437
9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
9f9adf40b90518185af5c536daeb039f575aef8f3bd5ef42c020c418ba799b9b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6a6399612823757ae9a8e33e50351cbe10ee16c77a7ac354ac6cc1de165f734
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83bd82c6e018df5014a0573c2a17f064afbb23ca63e58c1d3aefbdd424f70b5
a8f0cdba9af9734e31aa748a0953c3fd806d5ea2aa37d9bfebe494cd7f707ae6
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad95230eda873640b7eeb6ca8e85b511c63d2c3c7cc21034b1c5c2d318eaacf7
add678ea9a5ba8c31bc6a606c8112c616e97fa26444f0465144b9a9998eec22a
b13ff92eca1c43f596132ca152d3d9b0ff6bb631645113fde351cdd5dda3a5b1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55bb81e3860986b9367a08c2d606ccce55724e6b3e72b983047da6d107f9758
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b6f4e220da1d394544fa342b883483af7f0294f92a7c988f6606ae78775d6aba
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba62a931133ee78e59f545e2450c73f1480d0a00396b7597cc7443a2e36b9be
bc91070943a905f7972cf01972b38c24d80edf9c789eeaeb348fb6ee1a9e0da0
bd1be72db23824111452a98d1cd7739a864364e5013c0bc1e47b5607400e754e
bd310ad190dca5a7d53118df8deb0727dd6eaa186a66d20b48a168a1cfde6d60
bd45626491501bb2353467354cafb6c8256e75252c036050282ee97fae6709f2
bde1c4561a86f292564d2646883781b4a07f08d1fd201c06a52f3ea9406a2f06
be4408a835c1dc3eaf8605f5ab3a367a5487535f7c834a438d06d47f8235773e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c518cbe4996d331e755dacf65728d3421e6358de619f7bf051295a22d0f8f936
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
c5b3cd976492748e41a6d1c56bba0c8a54062c38bd6f39681826624c36248389
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c86c955a6101722630c75ea47e648fa650359f8bb57238dd171e1de03a7e5717
c969809b097036109ea82e09b06f648b2505115b26b6da2782f47f366587d444
cab8a95ca8e2bf48b0f4e16f3b1298fbb408d416e575b6bb0b766a48d6ec7e45
caecb1bf35e6ff8a91bf2e2a4837660e00c399d0d8692466a371373e54b90f75
cb6c93ae56be1b80e9734a2e323c1f081735f4ae7ddc2f99b24ce7dba15b2364
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf2495ac055ca7ea80df330c2c0ea6d62babff156be8ff1645fcc2e2fa310c63
d060c7c53268283f14c087926ea5b2b028f1bd7ed94c0c8fcec2c82fb8bd6093
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d349192a05badf9209a0502404030308b07c0a4fe2d3f2112c38c9b1b4ca9a72
d4a629c0feed21954dc06ea0116241bc40b7148d3cfc8ea9e6840b087773a132
d511d4dafdc47fb28b09a8a4ca8a86f589e96ee3cdb2f652bc1863085171765f
d98d7bdfe0f9ac78ec9ab3274b04e5663ef132767c4014ca899c820634b3f204
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbe1bae9ac7d036a9652e5b014e300eb127e176460b1a9c5ac2db778e899b97a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5770433850b488f7681d9ac150e5f8c67a85a935fca0c27e8c8a2415a1b4e5d
e6842f7c77bbbd05627f35fe95c4dbcad96618ff9fab1ef979045542ab0c3b18
e7384a26be1c444d8641d981891ae7b14d5cc663b218b1c57244b19ec74a807b
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e803b9b7061f834b932969816a610e763bc20914987fc7b44552f254dad8655e
e908de5ea6356614578c58a12dae5974c8952f5a528ed9264aab39233691b5eb
e9cba3c034092986a22fbf5602c1dcb9f4019334c95296c90d9cfb4134001a76
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eb39886354c41adda1fa662de966a115856e86f4db9517f664b5210eb260cf33
ec80cb1e2bb63b09a70521d1fcfe8bff5c899a04ce6338d4b551387c268893d9
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed037ff03e348aaff4d26d1bd2e7f1d9dc5782c97d278dc806acd8a34b1995b3
ed437a1fb95ad79f6df72602854eb2a02104d41adf8eedcc65a701d995c1bdbb
eeda51c9c143717927f38b676240b491201f8833a985eec48a5e8b1b532c2f29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3be8704cbf6323800a010a481cb92135d73f0d2d0127c654d480f617bc5843
f509f832e10ff7e4224b8b07ed86a49d5a696e226f35d08d14c2106355f4900e
fa48f7a91f25c7a1888f23288d2d8eec1b8c8e3bb92333b8a10b565b207c2375
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff0cc54ef9cd6fa7e18784c59f253eb1f18a09078ac81d04d71c650fa43f1f08