urlscan.io logo urlscan.io
SecurityTrails logo

dailyvoice.com Open in urlscan Pro
34.196.251.150  Public Scan

Go To Rescan Add Verdict Report
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirad...
Submission: On January 24 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 176 IPs in 15 countries across 147 domains to perform 972 HTTP transactions. The main IP is 34.196.251.150, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is dailyvoice.com. The Cisco Umbrella rank of the primary domain is 96983.
TLS certificate: Issued by Amazon on December 28th 2021. Valid for: a year.
This is the only time dailyvoice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.196.251.150 14618 (AMAZON-AES)
23 2a04:4e42::393 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:21b... 16509 (AMAZON-02)
9 2600:9000:231... 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 4 99.86.3.116 16509 (AMAZON-02)
5 7 2620:116:800d... 16509 (AMAZON-02)
1 4 2600:9000:231... 16509 (AMAZON-02)
1 99.86.3.74 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.102.29.148 20940 (AKAMAI-ASN1)
1 184.30.24.121 16625 (AKAMAI-AS)
3 35.201.71.192 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 143.204.215.113 16509 (AMAZON-02)
34 142.250.185.130 15169 (GOOGLE)
3 3 2600:1f18:730... 14618 (AMAZON-AES)
3 52.5.181.6 14618 (AMAZON-AES)
1 65.9.61.80 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
1 14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.102.30.13 20940 (AKAMAI-ASN1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 2602:803:c004... 26667 (RUBICONPR...)
14 18.184.249.62 16509 (AMAZON-02)
3 23.37.38.181 16625 (AKAMAI-AS)
27 72.251.249.14 29791 (VOXEL-DOT...)
38 52.16.214.41 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
1 2.18.232.7 16625 (AKAMAI-AS)
2 52.28.92.225 16509 (AMAZON-02)
1 52.86.121.102 14618 (AMAZON-AES)
9 3.217.216.1 14618 (AMAZON-AES)
1 99.86.3.91 16509 (AMAZON-02)
1 143.204.215.108 16509 (AMAZON-02)
2 108.157.4.109 16509 (AMAZON-02)
2 99.86.3.83 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 6 2a03:2880:f12... 32934 (FACEBOOK)
2 35.227.238.208 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 44 92.122.254.129 16625 (AKAMAI-AS)
5 108.156.255.177 16509 (AMAZON-02)
1 25 63.250.56.23 41436 (CLOUDWEBM...)
1 65.9.62.183 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
6 151.101.130.133 54113 (FASTLY)
2 35.158.0.26 16509 (AMAZON-02)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
1 54.36.109.46 16276 (OVH)
2 6 35.171.60.144 14618 (AMAZON-AES)
2 151.101.2.133 54113 (FASTLY)
9 104.102.28.254 20940 (AKAMAI-ASN1)
2 2 185.94.180.125 35220 (SPOTX-AMS)
5 11 34.98.64.218 15169 (GOOGLE)
1 2a0c:5c81:513... 55081 (24SHELLS)
11 63.250.60.65 204548 (CLOUDWEBM...)
29 30 3.125.210.171 16509 (AMAZON-02)
1 1 23.88.75.187 24940 (HETZNER-AS)
2 2 76.223.111.18 16509 (AMAZON-02)
1 18.66.248.43 16509 (AMAZON-02)
6 12 8.39.36.141 26667 (RUBICONPR...)
6 8 185.33.221.11 29990 (ASN-APPNEX)
1 142.250.185.166 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.156.195.47 16509 (AMAZON-02)
1 18.195.244.174 16509 (AMAZON-02)
58 2a00:1450:400... 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
8 11 185.33.221.13 29990 (ASN-APPNEX)
7 3.210.209.200 14618 (AMAZON-AES)
5 8 198.47.127.19 3257 (GTT-BACKB...)
9 15 185.29.134.248 30419 (MEDIAMATH...)
12 16 35.71.131.137 16509 (AMAZON-02)
2 2600:1f18:444... 14618 (AMAZON-AES)
3 4 52.17.105.123 16509 (AMAZON-02)
7 9 104.111.215.191 16625 (AKAMAI-AS)
7 7 193.0.160.128 54312 (ROCKETFUEL)
2 2a04:4e42:600... 54113 (FASTLY)
4 3.133.252.109 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2620:1ec:46::45 8068 (MICROSOFT...)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
1 8 37.157.2.236 198622 (ADFORM)
2 89.187.169.47 60068 (CDN77 ^_^)
5 5 185.184.8.65 204995 (RTB-HOUSE...)
8 62.149.0.72 15497 (COLOCALL ...)
3 2600:9000:226... 16509 (AMAZON-02)
2 2 18.233.233.139 14618 (AMAZON-AES)
18 49 142.250.185.98 15169 (GOOGLE)
11 52.49.5.47 16509 (AMAZON-02)
1 4 35.244.174.68 15169 (GOOGLE)
3 3.125.70.222 16509 (AMAZON-02)
1 69.169.86.38 29838 (AMC)
1 1 2600:1901:0:8... 15169 (GOOGLE)
1 1 66.155.71.25 13768 (COGECO-PEER1)
3 5.178.65.246 50673 (SERVERIUS-AS)
4 35.186.253.211 15169 (GOOGLE)
2 5 54.236.81.149 14618 (AMAZON-AES)
2 5.178.65.253 50673 (SERVERIUS-AS)
1 3 162.55.236.224 24940 (HETZNER-AS)
6 6 23.37.42.132 16625 (AKAMAI-AS)
18 104.92.74.8 16625 (AKAMAI-AS)
1 205.234.175.175 30081 (CACHENETW...)
5 51.89.9.253 16276 (OVH)
1 17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13 35.157.38.3 16509 (AMAZON-02)
5 12 188.132.147.236 42910 (PREMIERDC...)
3 185.29.132.246 30419 (MEDIAMATH...)
1 2602:803:c004... 26667 (RUBICONPR...)
3 56 34.248.122.81 16509 (AMAZON-02)
8 67.202.105.23 32748 (STEADFAST)
9 185.86.139.103 201081 (SMARTADSE...)
4 6 72.251.249.13 29791 (VOXEL-DOT...)
24 26 213.19.147.45 26120 (RHYTHMONE)
4 178.162.133.149 60781 (LEASEWEB-...)
4 4 147.75.38.124 54825 (PACKET)
6 9 18.156.0.31 16509 (AMAZON-02)
6 65.9.61.117 16509 (AMAZON-02)
4 5 35.227.248.159 15169 (GOOGLE)
2 5 37.157.6.246 198622 (ADFORM)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.108 24961 (MYLOC-AS ...)
2 5 52.30.140.199 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.135.35.213 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
6 9 151.101.2.49 54113 (FASTLY)
1 2 104.76.200.210 16625 (AKAMAI-AS)
1 2 52.94.222.140 16509 (AMAZON-02)
1 1 63.33.178.28 16509 (AMAZON-02)
1 144.76.104.53 24940 (HETZNER-AS)
6 104.111.233.227 16625 (AKAMAI-AS)
1 72.251.249.9 29791 (VOXEL-DOT...)
5 10 209.54.176.128 16509 (AMAZON-02)
4 4 51.178.20.139 16276 (OVH)
1 1 35.186.193.173 15169 (GOOGLE)
3 72.251.241.204 29791 (VOXEL-DOT...)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 5 52.31.13.93 16509 (AMAZON-02)
1 1 34.194.30.250 14618 (AMAZON-AES)
1 35.167.45.107 16509 (AMAZON-02)
1 4 138.201.63.149 24940 (HETZNER-AS)
1 1 34.243.100.214 16509 (AMAZON-02)
1 13.227.219.97 16509 (AMAZON-02)
1 18.66.248.90 16509 (AMAZON-02)
2 2 52.214.119.250 16509 (AMAZON-02)
2 2 18.184.176.155 16509 (AMAZON-02)
9 10 64.202.112.63 23352 (SERVERCEN...)
11 11 70.42.32.191 22075 (AS-OUTBRAIN)
4 4 54.87.192.123 14618 (AMAZON-AES)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
3 3 54.210.154.62 14618 (AMAZON-AES)
5 193.122.130.38 31898 (ORACLE-BM...)
5 169.197.150.7 398989 (DEEPINTENT)
5 5 54.76.172.32 16509 (AMAZON-02)
1 1 18.66.248.77 16509 (AMAZON-02)
4 4 198.148.27.139 19189 (PULSEPOINT)
5 5 3.120.83.159 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
2 2 96.46.183.20 7979 (SERVERS-COM)
4 16 185.86.138.114 201081 (SMARTADSE...)
1 1 162.254.186.187 33695 (SCALEMATRIX)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
5 18.195.155.181 16509 (AMAZON-02)
5 5 124.146.215.50 2514 (INFOSPHER...)
1 51.158.29.12 12876 (Online SAS)
1 3.95.140.237 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
1 104.89.30.126 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 62.209.227.211 13036 (TMOBILE-)
10 2a00:1450:400... 15169 (GOOGLE)
2 3 66.155.71.149 13768 (COGECO-PEER1)
14 37.157.2.247 198622 (ADFORM)
2 37.157.2.239 198622 (ADFORM)
2 185.94.180.124 35220 (SPOTX-AMS)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 18.193.173.189 16509 (AMAZON-02)
2 185.86.139.96 201081 (SMARTADSE...)
2 2.18.234.233 16625 (AKAMAI-AS)
2 2 178.250.2.151 44788 (ASN-CRITE...)
1 1 18.210.218.247 14618 (AMAZON-AES)
1 1 18.234.22.74 14618 (AMAZON-AES)
4 6 104.111.242.53 16625 (AKAMAI-AS)
1 2 54.174.249.39 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
2 2 79.137.68.187 16276 (OVH)
4 142.250.184.226 15169 (GOOGLE)
3 3 18.196.172.172 16509 (AMAZON-02)
1 1 52.16.162.42 16509 (AMAZON-02)
1 1 185.33.220.219 29990 (ASN-APPNEX)
2 2 3.126.16.11 16509 (AMAZON-02)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
3 52.215.102.174 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 87.98.228.78 16276 (OVH)
2 75.2.13.80 ()
1 1 51.75.146.160 ()
972 176
2    34.196.251.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-251-150.compute-1.amazonaws.com
dailyvoice.com
23    2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)
daily-voice-res.cloudinary.com
res.cloudinary.com
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
5    2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    2600:9000:21b3:1c00:3:f9b0:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa-wrapper.privacymanager.io
9    2600:9000:2315:d600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
2    2600:9000:2057:7800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    99.86.3.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-116.fra6.r.cloudfront.net
sb.scorecardresearch.com
7    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    2600:9000:2315:2200:e:ec66:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.keywee.co
1    99.86.3.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-74.fra6.r.cloudfront.net
ats.rlcdn.com
12    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:2057:1400:9:dc53:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa.privacymanager.io
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    104.102.29.148 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-148.deploy.static.akamaitechnologies.com
s.ntv.io
1    184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com
s7.addthis.com
3    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
c.pub.network
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    143.204.215.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-113.fra53.r.cloudfront.net
geo.privacymanager.io
34    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
3    2600:1f18:730:b120:5b38:df27:617f:9396 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
3    52.5.181.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-6.compute-1.amazonaws.com
rp4.liadm.com
1    65.9.61.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-80.fra56.r.cloudfront.net
get.s-onetag.com
1    2600:9000:2315:e000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
14    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.102.30.13 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-30-13.deploy.static.akamaitechnologies.com
z.moatads.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
6    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
14    18.184.249.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
27    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
vap1ams1.lijit.com
38    52.16.214.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
2    52.28.92.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-92-225.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
1    52.86.121.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-121-102.compute-1.amazonaws.com
pixel.keywee.co
9    3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com
jadserve.postrelease.com
1    99.86.3.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-91.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
2    108.157.4.109 (United States)

ASN16509 (AMAZON-02, US)
prebid.s-onetag.com
2    99.86.3.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-83.fra6.r.cloudfront.net
dau-prod.launch.liveramp.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
adservice.google.de
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com
f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com
e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com
6    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.227.238.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.238.227.35.bc.googleusercontent.com
api.floors.dev
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    2606:4700:3039::6815:c076 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
44    92.122.254.129 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-129.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
25    63.250.56.23 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
1    65.9.62.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-62-183.fra56.r.cloudfront.net
dggaenaawxe8z.cloudfront.net
16    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
googleads.g.doubleclick.net
adservice.google.de
6    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
2    35.158.0.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-0-26.eu-central-1.compute.amazonaws.com
uat5-a.investingchannel.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
4    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
48    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    54.36.109.46 (France)

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com
id5-sync.com
6    35.171.60.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-60-144.compute-1.amazonaws.com
i.liadm.com
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
9    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
11    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
primis-d.openx.net
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
11    63.250.60.65 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
30    3.125.210.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-210-171.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    18.66.248.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-43.dus51.r.cloudfront.net
sync.intentiq.com
12    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    18.195.244.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-244-174.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
58    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
11    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
7    3.210.209.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-209-200.compute-1.amazonaws.com
gw.geoedge.be
8    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
15    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2600:1f18:444a:4602:2c20:3113:5c28:1366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
4    52.17.105.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-105-123.eu-west-1.compute.amazonaws.com
dpm.demdex.net
9    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
stags.bluekai.com
tags.bluekai.com
e.dlx.addthis.com
7    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
4    3.133.252.109 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-252-109.us-east-2.compute.amazonaws.com
pba.aws.lijit.com
4    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
2    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
8    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
adx.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
5    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
8    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
3    2600:9000:2260:f200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    18.233.233.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-233-139.compute-1.amazonaws.com
usermatch.krxd.net
49    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
11    52.49.5.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
3    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    69.169.86.38 (Cranford, United States)

ASN29838 (AMC, US)
global.ib-ibi.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    54.236.81.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-81-149.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
6    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
18    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
17    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
13    35.157.38.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
ih.adscale.de
12    188.132.147.236 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-236-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2602:803:c004:200::152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
56    34.248.122.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
8    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
9    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
26    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
4    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    65.9.61.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-117.fra56.r.cloudfront.net
tagan.adlightning.com
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:aede:f4e4:326c:edc4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.108 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
5    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.135.35.213 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-35-213.eu-west-2.compute.amazonaws.com
aa.agkn.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
9    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    104.76.200.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-210.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    63.33.178.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-178-28.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal9000.redintelligence.net
6    104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
gslbeacon.lijit.com
10    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
3    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    52.31.13.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.194.30.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-250.compute-1.amazonaws.com
sync.extend.tv
1    35.167.45.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
dmp.brand-display.com
4    138.201.63.149 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
1    34.243.100.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-100-214.eu-west-1.compute.amazonaws.com
d.adroll.com
1    13.227.219.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-97.ams54.r.cloudfront.net
check.analytics.rlcdn.com
1    18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net
tags.crwdcntrl.net
2    52.214.119.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-119-250.eu-west-1.compute.amazonaws.com
r.scoota.co
2    18.184.176.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-176-155.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
10    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
11    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    2a05:d018:d29:3605:6948:8012:aae3:d8b9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    54.210.154.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-154-62.compute-1.amazonaws.com
sync.ipredictive.com
5    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
5    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
5    54.76.172.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-172-32.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    18.66.248.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-77.dus51.r.cloudfront.net
cm.smadex.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    3.120.83.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    2600:9000:2057:ce00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
16    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.254.186.187 (Temecula, United States)

ASN33695 (SCALEMATRIX, US)
PTR: www.abcbymebath.com
demand.trafficroots.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
5    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
5    124.146.215.50 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    51.158.29.12 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-12.rev.poneytelecom.eu
js.cookieless-data.com
1    3.95.140.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-140-237.compute-1.amazonaws.com
idx.liadm.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    104.89.30.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-30-126.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    62.209.227.211 (Prague, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
10    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
14    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    18.193.173.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-173-189.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    18.210.218.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-218-247.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    18.234.22.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-22-74.compute-1.amazonaws.com
nep.advangelists.com
6    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    54.174.249.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com
um2.eqads.com
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
18    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
2    79.137.68.187 (France)

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl
googlecm.hit.gemius.pl
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
3    18.196.172.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-172-172.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    52.16.162.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-162-42.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    185.33.220.219 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 884.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
2    3.126.16.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-16-11.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
3    52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu
green.erne.co
2    75.2.13.80 (None, )

ASN- ()
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
1    51.75.146.160 (None, )

ASN- ()
ws.rqtrk.eu
Apex Domain
Subdomains		 Transfer
112 googlesyndication.com
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com
f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com
e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com
1 MB
98 doubleclick.net
static.doubleclick.net — Cisco Umbrella Rank: 356
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
ad.doubleclick.net — Cisco Umbrella Rank: 195
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
763 KB
56 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
rtb.gumgum.com — Cisco Umbrella Rank: 1288
17 KB
46 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 12775
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741
token.rubiconproject.com — Cisco Umbrella Rank: 689
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
112 KB
44 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
pba.aws.lijit.com — Cisco Umbrella Rank: 16535
ce.lijit.com — Cisco Umbrella Rank: 816
pxdrop.lijit.com — Cisco Umbrella Rank: 3088
vap1ams1.lijit.com — Cisco Umbrella Rank: 70866
gslbeacon.lijit.com — Cisco Umbrella Rank: 10450
86 KB
42 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1823
public.servenobid.com — Cisco Umbrella Rank: 3540
40 KB
42 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
56 KB
36 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3190
video.primis.tech — Cisco Umbrella Rank: 6710
3 MB
30 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
13 KB
29 adform.net
cm.adform.net — Cisco Umbrella Rank: 1786
dmp.adform.net — Cisco Umbrella Rank: 2434
c1.adform.net — Cisco Umbrella Rank: 608
track.adform.net — Cisco Umbrella Rank: 3933
s1.adform.net — Cisco Umbrella Rank: 7975
adx.adform.net — Cisco Umbrella Rank: 4833
225 KB
27 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
prg.smartadserver.com — Cisco Umbrella Rank: 1505
13 KB
24 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
5 KB
23 cloudinary.com
daily-voice-res.cloudinary.com — Cisco Umbrella Rank: 134952
res.cloudinary.com — Cisco Umbrella Rank: 2517
361 KB
21 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1256
consumer.krxd.net — Cisco Umbrella Rank: 1549
usermatch.krxd.net — Cisco Umbrella Rank: 1214
beacon.krxd.net — Cisco Umbrella Rank: 408
180 KB
20 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
tags.mathtag.com — Cisco Umbrella Rank: 3608
pixel.mathtag.com — Cisco Umbrella Rank: 1240
12 KB
20 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
adscale-emea.adnxs.com — Cisco Umbrella Rank: 19094
15 KB
19 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 Failed
image6.pubmatic.com — Cisco Umbrella Rank: 595
50 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
571 KB
18 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
10 KB
18 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 4714
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ads.yahoo.com — Cisco Umbrella Rank: 913
8 KB
17 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
5 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
88 KB
17 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3664
rp.liadm.com — Cisco Umbrella Rank: 2775
rp4.liadm.com — Cisco Umbrella Rank: 10903
i.liadm.com — Cisco Umbrella Rank: 512
i6.liadm.com — Cisco Umbrella Rank: 1514
idx.liadm.com — Cisco Umbrella Rank: 6022
23 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7427
ih.adscale.de — Cisco Umbrella Rank: 3772
17 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
7 KB
16 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1604
gw.geoedge.be — Cisco Umbrella Rank: 1764
1 MB
15 openx.net
u.openx.net — Cisco Umbrella Rank: 710
rtb.openx.net — Cisco Umbrella Rank: 1548
us-u.openx.net — Cisco Umbrella Rank: 359
primis-d.openx.net — Cisco Umbrella Rank: 12817
2 KB
14 admatic.com.tr
cdn.admatic.com.tr — Cisco Umbrella Rank: 9839
ads3.admatic.com.tr — Cisco Umbrella Rank: 10680
ads4.admatic.com.tr — Cisco Umbrella Rank: 20051
22 KB
14 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
2 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
436 KB
12 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 380
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
imasdk.googleapis.com — Cisco Umbrella Rank: 418
722 KB
11 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
6 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
204 KB
10 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
4 KB
10 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
pixel.everesttech.net — Cisco Umbrella Rank: 3397
2 KB
9 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
16 KB
9 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 6241
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6623
4 KB
9 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
5 KB
8 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
4 KB
8 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2343
ssc-cms.33across.com — Cisco Umbrella Rank: 877
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3752
u-ams02.e-planning.net — Cisco Umbrella Rank: 59486
s.e-planning.net — Cisco Umbrella Rank: 6371
i.e-planning.net — Cisco Umbrella Rank: 6375
4 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
55 KB
8 pub.network
a.pub.network — Cisco Umbrella Rank: 6431
d.pub.network — Cisco Umbrella Rank: 6732
c.pub.network — Cisco Umbrella Rank: 6626
343 KB
7 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
5 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4566
prebid.s-onetag.com — Cisco Umbrella Rank: 19073
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
140 KB
7 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1554
idsync.rlcdn.com — Cisco Umbrella Rank: 316
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4187
api.rlcdn.com — Cisco Umbrella Rank: 812
id.rlcdn.com — Cisco Umbrella Rank: 738
39 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
cms.quantserve.com — Cisco Umbrella Rank: 1255
12 KB
6 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 990
2 KB
6 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1362
128 KB
6 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 510
tags.bluekai.com — Cisco Umbrella Rank: 466
4 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
522 B
5 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
3 KB
5 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 908
5 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3972
3 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
1 KB
5 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
131 B
5 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
2 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal90009.redintelligence.net — Cisco Umbrella Rank: 280690
8 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
2 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
4 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3719
5 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 698
1 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
4 KB
5 keywee.co
cdn.keywee.co — Cisco Umbrella Rank: 9556
pixel.keywee.co — Cisco Umbrella Rank: 8355
35 KB
5 privacymanager.io
ccpa-wrapper.privacymanager.io — Cisco Umbrella Rank: 56748
ccpa.privacymanager.io — Cisco Umbrella Rank: 62381
geo.privacymanager.io — Cisco Umbrella Rank: 1747
45 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
2 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
1010 B
4 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
2 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3536
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
1 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
36 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
3 KB
4 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
search.spotxchange.com — Cisco Umbrella Rank: 405
4 KB
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1501
x.dlx.addthis.com — Cisco Umbrella Rank: 1265
e.dlx.addthis.com — Cisco Umbrella Rank: 1902
116 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
3 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
355 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
d.turn.com — Cisco Umbrella Rank: 880
1 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1634
1 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2070
744 B
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 916
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1286
sync.teads.tv — Cisco Umbrella Rank: 868
591 B
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2218
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
201 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 12770
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
1 KB
2 gemius.pl
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 8640
551 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
563 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 691
991 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
477 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2615
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 35707
1 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
430 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27256
673 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
792 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 570
283 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
1005 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1872
id5-sync.com — Cisco Umbrella Rank: 596
11 KB
2 investingchannel.com
uat5-a.investingchannel.com — Cisco Umbrella Rank: 8123
448 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1249
api.btloader.com — Cisco Umbrella Rank: 1475
30 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 9535
1 KB
2 google.se
adservice.google.se — Cisco Umbrella Rank: 57807
914 B
2 liveramp.com
dau-prod.launch.liveramp.com — Cisco Umbrella Rank: 71668
468 B
2 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 5982
5 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1360
contextual.media.net — Cisco Umbrella Rank: 516
9 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 dailyvoice.com
dailyvoice.com — Cisco Umbrella Rank: 96983
69 KB
1 rqtrk.eu
ws.rqtrk.eu
515 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 11838
298 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2192
232 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1483
378 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 20532
550 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5866
535 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 3454
268 B
1 trafficroots.com
demand.trafficroots.com — Cisco Umbrella Rank: 2297
633 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3785
534 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1561
112 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1929
261 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3147
444 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 193308
215 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
386 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20022
335 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 143344
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7892
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11738
411 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2638
358 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1497
72 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1513
937 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1542
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
243 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2705
17 KB
1 cloudfront.net
dggaenaawxe8z.cloudfront.net
3 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 7736
537 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1630
4 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 361
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
353 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3423
113 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
37 KB
0 adotmob.com Failed
sync.adotmob.com Failed
972 147
Domain Requested by
58 pagead2.googlesyndication.com www.gstatic.com
rumcdn.geoedge.be
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
srcdoc
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
dailyvoice.com
52 rtb.gumgum.com 3 redirects g2.gumgum.com
pre.ads.justpremium.com
rtb.gumgum.com
49 cm.g.doubleclick.net 18 redirects spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
g2.gumgum.com
s.console.adtarget.com.tr
ssbsync.smartadserver.com
googleads.g.doubleclick.net
dailyvoice.com
bcp.crwdcntrl.net
48 tpc.googlesyndication.com 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
rumcdn.geoedge.be
dailyvoice.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
38 ads.servenobid.com daily-voice-res.cloudinary.com
public.servenobid.com
dailyvoice.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
31 securepubads.g.doubleclick.net rumcdn.geoedge.be
www.googletagservices.com
securepubads.g.doubleclick.net
dailyvoice.com
imasdk.googleapis.com
30 x.bidswitch.net 29 redirects dailyvoice.com
27 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
googleads.g.doubleclick.net
um2.eqads.com
25 live.primis.tech 1 redirects rumcdn.geoedge.be
live.primis.tech
dailyvoice.com
21 ap.lijit.com daily-voice-res.cloudinary.com
prebid.s-onetag.com
rumcdn.geoedge.be
dailyvoice.com
20 daily-voice-res.cloudinary.com dailyvoice.com
daily-voice-res.cloudinary.com
18 s0.2mdn.net dailyvoice.com
s0.2mdn.net
imasdk.googleapis.com
18 sync.1rx.io 18 redirects
18 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
g2.gumgum.com
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
daily-voice-res.cloudinary.com
rtb.gumgum.com
live.primis.tech
16 rtb-csync.smartadserver.com 4 redirects ssbsync.smartadserver.com
16 match.adsrvr.org 12 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
15 sync.mathtag.com 9 redirects rumcdn.geoedge.be
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
sync.mathtag.com
14 s1.adform.net track.adform.net
s1.adform.net
dailyvoice.com
14 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
14 btlr.sharethrough.com daily-voice-res.cloudinary.com
14 www.google.com 1 redirects dailyvoice.com
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
rumcdn.geoedge.be
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
12 www.googletagservices.com dailyvoice.com
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
rumcdn.geoedge.be
googleads.g.doubleclick.net
11 b1sync.zemanta.com 11 redirects
11 beacon.krxd.net dailyvoice.com
spl.zeotap.com
ads.us.e-planning.net
cdn.krxd.net
bcp.crwdcntrl.net
11 ib.adnxs.com 8 redirects prebid.s-onetag.com
spl.zeotap.com
googleads.g.doubleclick.net
11 googleads.g.doubleclick.net 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
rumcdn.geoedge.be
googleads.g.doubleclick.net
11 video.primis.tech live.primis.tech
dailyvoice.com
10 cdn.ampproject.org rumcdn.geoedge.be
10 sync.outbrain.com 9 redirects g2.gumgum.com
10 s.amazon-adsystem.com 5 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
ssbsync.smartadserver.com
10 adservice.google.com rumcdn.geoedge.be
imasdk.googleapis.com
9 sync-tm.everesttech.net 6 redirects ssum-sec.casalemedia.com
dailyvoice.com
9 ups.analytics.yahoo.com 6 redirects ssum-sec.casalemedia.com
dailyvoice.com
9 ssbsync.smartadserver.com rumcdn.geoedge.be
g2.gumgum.com
public.servenobid.com
9 pixel.rubiconproject.com 3 redirects dailyvoice.com
ads.us.e-planning.net
g2.gumgum.com
9 ads.pubmatic.com rumcdn.geoedge.be
s.console.adtarget.com.tr
ads.us.e-planning.net
g2.gumgum.com
live.primis.tech
9 jadserve.postrelease.com rumcdn.geoedge.be
dailyvoice.com
public.servenobid.com
9 rumcdn.geoedge.be dailyvoice.com
rumcdn.geoedge.be
8 sync.targeting.unrulymedia.com 6 redirects dailyvoice.com
g2.gumgum.com
8 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
8 image6.pubmatic.com 5 redirects ads.pubmatic.com
spl.zeotap.com
8 secure.adnxs.com 6 redirects ssum-sec.casalemedia.com
8 ssum-sec.casalemedia.com 2 redirects rumcdn.geoedge.be
public.servenobid.com
js-sec.indexww.com
7 us-u.openx.net 5 redirects googleads.g.doubleclick.net
7 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
dailyvoice.com
7 p.rfihub.com 7 redirects
7 gw.geoedge.be rumcdn.geoedge.be
6 px.owneriq.net 4 redirects ssum-sec.casalemedia.com
6 adservice.google.de rumcdn.geoedge.be
6 vap1ams1.lijit.com dailyvoice.com
6 pxdrop.lijit.com rumcdn.geoedge.be
6 tagan.adlightning.com rumcdn.geoedge.be
6 ce.lijit.com 4 redirects dailyvoice.com
6 secure-assets.rubiconproject.com 6 redirects
6 i.liadm.com 2 redirects rumcdn.geoedge.be
i.liadm.com
6 www.gstatic.com 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
6 cdn.krxd.net dailyvoice.com
cdn.krxd.net
rumcdn.geoedge.be
6 www.facebook.com 1 redirects dailyvoice.com
6 fastlane.rubiconproject.com daily-voice-res.cloudinary.com
5 track.adform.net 1 redirects hal90009.redintelligence.net
s1.adform.net
5 tg.socdm.com 5 redirects
5 cs.emxdgt.com g2.gumgum.com
rtb.gumgum.com
5 ads.creative-serving.com 5 redirects
5 ad.360yield.com 5 redirects
5 match.deepintent.com g2.gumgum.com
rtb.gumgum.com
5 sync.technoratimedia.com g2.gumgum.com
rtb.gumgum.com
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
5 ads4.admatic.com.tr 5 redirects
5 match.prod.bidr.io 2 redirects ssum-sec.casalemedia.com
5 bcp.crwdcntrl.net 2 redirects ssum-sec.casalemedia.com
tags.crwdcntrl.net
5 pixel.tapad.com 4 redirects spl.zeotap.com
5 onetag-sys.com ads.us.e-planning.net
rumcdn.geoedge.be
public.servenobid.com
5 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
5 stags.bluekai.com 5 redirects
5 creativecdn.com 5 redirects
5 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
live.primis.tech
5 js-sec.indexww.com a.pub.network
daily-voice-res.cloudinary.com
ssum-sec.casalemedia.com
live.primis.tech
5 a.pub.network dailyvoice.com
rumcdn.geoedge.be
4 googleads4.g.doubleclick.net dailyvoice.com
4 adx.adform.net live.primis.tech
4 ssc-cms.33across.com g2.gumgum.com
4 bh.contextweb.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 hal90009.redintelligence.net 1 redirects 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
rumcdn.geoedge.be
hal90009.redintelligence.net
4 gu.dyntrk.com 4 redirects
4 prebid.a-mo.net 4 redirects
4 sync.go.sonobi.com dailyvoice.com
rumcdn.geoedge.be
public.servenobid.com
4 pixel.33across.com rumcdn.geoedge.be
public.servenobid.com
4 g2.gumgum.com rumcdn.geoedge.be
public.servenobid.com
4 rtb.openx.net ads.us.e-planning.net
googleads.g.doubleclick.net
4 public.servenobid.com rumcdn.geoedge.be
daily-voice-res.cloudinary.com
4 cdn.jsdelivr.net rumcdn.geoedge.be
4 pba.aws.lijit.com prebid.s-onetag.com
4 dpm.demdex.net 3 redirects ssum-sec.casalemedia.com
4 fonts.googleapis.com 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
dailyvoice.com
rumcdn.geoedge.be
4 cdn.keywee.co 1 redirects dailyvoice.com
rumcdn.geoedge.be
cdn.keywee.co
4 sb.scorecardresearch.com 1 redirects dailyvoice.com
4 maps.googleapis.com dailyvoice.com
maps.googleapis.com
rumcdn.geoedge.be
3 sync.crwdcntrl.net bcp.crwdcntrl.net
3 pixel.advertising.com 3 redirects
3 cms.quantserve.com 3 redirects
3 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
3 pixel-sync.sitescout.com 2 redirects bcp.crwdcntrl.net
3 token.rubiconproject.com 3 redirects
3 partner.googleadservices.com rumcdn.geoedge.be
3 sync.ipredictive.com 3 redirects
3 c1.adform.net 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
3 cm.adgrx.com ssum-sec.casalemedia.com
3 tags.mathtag.com rumcdn.geoedge.be
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
3 ps.eyeota.net dailyvoice.com
s.console.adtarget.com.tr
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
3 pixel.quantserve.com 2 redirects dailyvoice.com
3 htlb.casalemedia.com daily-voice-res.cloudinary.com
live.primis.tech
3 rp4.liadm.com dailyvoice.com
3 rp.liadm.com 3 redirects
3 geo.privacymanager.io ats.rlcdn.com
ccpa.privacymanager.io
3 res.cloudinary.com daily-voice-res.cloudinary.com
3 connect.facebook.net dailyvoice.com
connect.facebook.net
2 tracking.m6r.eu 2 redirects
2 pm.w55c.net 2 redirects
2 googlecm.hit.gemius.pl 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dis.criteo.com 2 redirects
2 ads.stickyadstv.com live.primis.tech
dailyvoice.com
2 prg.smartadserver.com live.primis.tech
2 prebid-server.rubiconproject.com live.primis.tech
2 primis-d.openx.net live.primis.tech
2 search.spotxchange.com live.primis.tech
2 id.rlcdn.com 1 redirects ads.us.e-planning.net
2 ads.betweendigital.com 2 redirects
2 s.ad.smaato.net g2.gumgum.com
ssbsync.smartadserver.com
2 a.sportradarserving.com 2 redirects
2 r.scoota.co 2 redirects
2 ad.turn.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 pixel.mathtag.com 1 redirects rumcdn.geoedge.be
2 odr.mookie1.com spl.zeotap.com
googleads.g.doubleclick.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 c.pub.network a.pub.network
2 idsync.rlcdn.com dailyvoice.com
2 usermatch.krxd.net 2 redirects
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 trc.taboola.com i.liadm.com
spl.zeotap.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 i6.liadm.com i.liadm.com
2 hbopenbid.pubmatic.com live.primis.tech
2 c2shb.pubgw.yahoo.com live.primis.tech
2 fonts.gstatic.com fonts.googleapis.com
2 eb2.3lift.com 2 redirects
2 u.openx.net rumcdn.geoedge.be
live.primis.tech
2 sync.search.spotxchange.com 2 redirects
2 consumer.krxd.net cdn.krxd.net
2 uat5-a.investingchannel.com dggaenaawxe8z.cloudfront.net
2 api.floors.dev a.pub.network
2 adservice.google.se rumcdn.geoedge.be
2 dau-prod.launch.liveramp.com ccpa.privacymanager.io
2 prebid.s-onetag.com get.s-onetag.com
2 pre.ads.justpremium.com daily-voice-res.cloudinary.com
2 www.google-analytics.com dailyvoice.com
2 b-code.liadm.com dailyvoice.com
rumcdn.geoedge.be
2 dailyvoice.com daily-voice-res.cloudinary.com
1 ws.rqtrk.eu 1 redirects
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 green.erne.co 1 redirects
1 d.turn.com 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 e.dlx.addthis.com 1 redirects
1 nep.advangelists.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 ajax.googleapis.com hal90009.redintelligence.net
1 ads.yahoo.com s.console.adtarget.com.tr
1 e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com rumcdn.geoedge.be
1 f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com rumcdn.geoedge.be
1 pixel-eu.rubiconproject.com ads.us.e-planning.net
1 contextual.media.net daily-voice-res.cloudinary.com
1 api.rlcdn.com daily-voice-res.cloudinary.com
1 idx.liadm.com b-code.liadm.com
1 54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com rumcdn.geoedge.be
1 js.cookieless-data.com s.e-planning.net
1 event.clientgear.com 1 redirects
1 demand.trafficroots.com 1 redirects
1 cm.smadex.com 1 redirects
1 tags.crwdcntrl.net s.e-planning.net
1 check.analytics.rlcdn.com daily-voice-res.cloudinary.com
1 d.adroll.com 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 cm.ctnsnet.com 1 redirects
1 gslbeacon.lijit.com rumcdn.geoedge.be
1 hal9000.redintelligence.net rumcdn.geoedge.be
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 beacon-fra2.rubiconproject.com rumcdn.geoedge.be
1 i.e-planning.net ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 fei.pro-market.net 1 redirects
1 global.ib-ibi.com dailyvoice.com
1 cm.adform.net s.console.adtarget.com.tr
1 api.btloader.com freestar-io.videoplayerhub.com
1 ads.adaptv.advertising.com live.primis.tech
1 ad-delivery.net dailyvoice.com
1 ad.doubleclick.net dailyvoice.com
1 sync.intentiq.com dailyvoice.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr rumcdn.geoedge.be
1 id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com rumcdn.geoedge.be
1 secure.cdn.fastclick.net rumcdn.geoedge.be
1 dggaenaawxe8z.cloudfront.net rumcdn.geoedge.be
1 btloader.com dailyvoice.com
1 freestar-io.videoplayerhub.com 1 redirects
1 pghub.io a.pub.network
1 signal-beacon.s-onetag.com rumcdn.geoedge.be
1 onetag-geo.s-onetag.com get.s-onetag.com
1 pixel.keywee.co dailyvoice.com
1 a.teads.tv daily-voice-res.cloudinary.com
1 prebid.media.net daily-voice-res.cloudinary.com
1 web.hb.ad.cpe.dotomi.com daily-voice-res.cloudinary.com
1 z.moatads.com s7.addthis.com
1 www.google.de dailyvoice.com
1 rules.quantcount.com secure.quantserve.com
1 get.s-onetag.com rumcdn.geoedge.be
1 stats.g.doubleclick.net www.google-analytics.com
1 d.pub.network a.pub.network
1 s7.addthis.com daily-voice-res.cloudinary.com
1 s.ntv.io daily-voice-res.cloudinary.com
1 static.doubleclick.net daily-voice-res.cloudinary.com
1 ccpa.privacymanager.io ccpa-wrapper.privacymanager.io
1 ats.rlcdn.com dailyvoice.com
1 secure.quantserve.com dailyvoice.com
1 www.googletagmanager.com dailyvoice.com
1 ccpa-wrapper.privacymanager.io dailyvoice.com
0 sync.adotmob.com Failed ssbsync.smartadserver.com
ssum-sec.casalemedia.com
972 256
Subject Issuer Validity Valid
*.dailyvoice.com
Amazon		 2021-12-28 -
2023-01-24		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-16 -
2022-06-15		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
gw.geoedge.be
Amazon		 2021-10-13 -
2022-11-10		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-18		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.anyword.com
Amazon		 2021-08-04 -
2022-09-02		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
pixel.keywee.co
Sectigo ECC Domain Validation Secure Server CA		 2021-01-20 -
2022-02-19		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.launch.liveramp.com
Amazon		 2021-09-16 -
2022-10-15		 a year crt.sh
*.google.se
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2021-12-18 -
2022-03-18		 3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-16		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
*.investingchannel.com
Go Daddy Secure Certificate Authority - G2		 2020-05-26 -
2022-06-01		 2 years crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
api.btloader.com
GTS CA 1D4		 2021-12-25 -
2022-03-25		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2022-01-02 -
2023-02-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.aws.lijit.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-11-28 -
2022-02-26		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.eyeota.net
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads4.admatic.com.tr
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
cert1.a2.atm.aqfer.net
R3		 2022-01-07 -
2022-04-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 162 frames:

Primary Page: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Frame ID: 67853F798FFD1BA8D0B3D9DF94781FDF
Requests: 165 HTTP requests in this frame

Frame: https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Frame ID: 8D7570A324DACF26AF94C9D4CA02F4B1
Requests: 3 HTTP requests in this frame

Frame: https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Frame ID: 2912019AA93DE70983BEFACDB1D31AD9
Requests: 3 HTTP requests in this frame

Frame: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D6A395709CE0EC1257A3B4CDC41253CC
Requests: 1 HTTP requests in this frame

Frame: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 076171585C2BF2FCCDBC54A75A4C8F4C
Requests: 5 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 20A323E3C1F6D397A9A98034CD3D27C6
Requests: 47 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: E040A8E2110E4B6F2DBCB0B9A522CE08
Requests: 15 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 5B4B61186DBB538FC643362C09A3DCB8
Requests: 8 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019
Frame ID: D23B74715DC88DB3DC32B640998224B2
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 818FB76EE082BFD0D99A9DF99A462402
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 19F040FD76D8BE6161C8A523480C1CB5
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 98531C626153D6D04FB1A94D15BC0B9C
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=94&advUuid=182e719c-7d46-11ec-8199-1f0541440406
Frame ID: 94B5264B724742A2CAD5EBF1929F69D9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 72CA4A1584FC8493F258424294737EEF
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 58C210C99795D4B36CBB6E3C1545C776
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E5BB35DB1AB3784AC8A7A4FBF1957D4
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Frame ID: C72F0118AE71A0C497A302580256A4B8
Requests: 25 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Frame ID: D6C6323074A9AC67012B60F6E664BB7F
Requests: 24 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Frame ID: 0A004F2FDA9CC84310A2FC1CBA0CFCFE
Requests: 25 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4809DEF2419EEE23DA6DDA77E0B2E016
Requests: 1 HTTP requests in this frame

Frame: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 456870FDE87CD9FFE3C7FAD15EC71552
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Frame ID: 7E3A2816B37C18CEF26DC537F78D591B
Requests: 17 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Frame ID: A4CA440462431AF3443DA2B87DE05137
Requests: 16 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Frame ID: BFFC2A614BEA3FA66769C714AD11AFBA
Requests: 18 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 9532ADBFF0EE31BBD55111CE5E48CE45
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 5F1E322079394F8B582B41D2F2A8A08E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 86E673140234CDAE08BF58A1F8E17F38
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 45591FF6E8A579D13F5AB40695E60FAD
Requests: 10 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FRueQIBMNWQuSIDOkLqP&pi=admatic&tc=1
Frame ID: 4F3AF7B56D13CD46BDBF144D3B081E3F
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: A4450E85CE55A5CB2A90BC4BE3C25BE7
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 3752196124D3A2825D6AE3BF7E4FAF84
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 8EF8A05EA1535BF668E92352BBA7F37C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: E6E7D49F44DF61E4704ADAF28D83055A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D54eea1f944edcc2e%26uid%3D
Frame ID: FFAB2ED52380C7196EA8B9597D82C38D
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Frame ID: 861CC7E2BCBFF366E59AD899D0D5866A
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 11DD57535DF0D678421247F49B1A9753
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: D9580C154319ADE5483F7724C9F7388E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&cmp=0
Frame ID: 1D6DA6A6A357544C293D904A09CF46A6
Requests: 31 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWkRNNVlUa3hPRFF0TlRZM015MHhNR1ExTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NDExMzQ4NTk3ODQ1ODIxMTIvOTY5NjA0NC85OTY4MjAyLzkvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTlIwc2hvVkt1TmF1T1B4SUk0a0FqOC8xLzkvMC8wLzE3NjQwNzUvMC8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5NDExMzQ4NTk3ODQ1ODIxMTIvenJoLzAvNzY4Mi84Mi85OTkvMi8yMDAxOjFiNjA6MTAxMDo6LzAuMDAwLzE2NDMwNTAwNTQvMTY0MzA1MzY1NC85LzE3NTI2Lw/MBaGPxTpVhmkSfCd6pMllswF324&nodeid=2803&group=zrh&auctionid=3941134859784582112&shardkey=3941134859784582112&sid=9968202&cid=9696044&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.234&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F
Frame ID: 2B06DDE558365C8285B952FE9DD904AC
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 8EE1CD24D1E6A2FCC0F869470648699C
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: E0D57C9DA0E8463E008852A97DA45821
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 3B5B93D8DEE4C6FC80BFE7DF03728D2C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D8C740CB82996536D6D93AC5FCC064BF
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 3954CC04E9929AE8A87E012F366E0DBC
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: AA27882E58E685AB609DE80BC1CEA905
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 7B4D24F22C7A99BFD19C586FD5246F15
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 4F99C50E9CA458B2773F2E41A25818C7
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 640A00C8F2EF3BFFB7DB757DB9E5EA22
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 2D00F719755DC55C84594B925ECFE160
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 6BEF1148C12AB7FA776FC01941A8A695
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 0E8F96D471D7C3554BF829515ACB0121
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 72E4C636BA800C6E2AE2F87414E60303
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 41F963A96F45C3105DB507E2F86FB42E
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 9C50027A1AA890F0BD9498AB12637E0E
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nobid/blacklist_script.js
Frame ID: DBCCD7AD84A0E08A2DF6EB8EE6B63C92
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nobid/blacklist_script.js
Frame ID: 792D11FE1127465A6EF8B06587C10D7A
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nobid/blacklist_script.js
Frame ID: 48539F7DB803AD1D4BA3F5D14EE5C2BC
Requests: 10 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_556326_b5cb108b649b47099ac97c7e122cb48a&rand=7876&informer=13410438&type=fpads&loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&v=1.2
Frame ID: E4FA478D6A0233B20A8F647F26316441
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/zrt_lookup.html
Frame ID: 0C1ED33D567B9290A86DD790C6C2E267
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7FEAF315153519E144EAE322F519B4D5
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AEE1lNUTvSUIBN-n
Frame ID: 35D631E0754B028BAA021307FC72C1F5
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: D652AE746F847D8B61BC8442399B1A13
Requests: 11 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Frame ID: 54664732B354149CF4FC420A4C7F07FD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Frame ID: 2CA10396742352214ADC0CB506A2B0DF
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82MTAwMWViNy1kNDIyLTQzNTMtYjY1MC0yZDY0ZjVlYTc5MGE=&gdpr=0&gdpr_consent=
Frame ID: EF897CE3B9EF3E442BA2C7A7E31AE9B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0C7089F0B14C6C5BC9C9555EDF0CBB22
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 5F0C58C5AA78A0DB98846EF4B7A67510
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Frame ID: B9B7A7BE26BD6B0968C9310417580D45
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: FE771E27D759C1BFA276521018FBC04F
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: F92942BEEB0C163EBBD645ECB18899D9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YUAAJyTHJYAAAAA
Frame ID: D1E95D3A9B83862C440A1DCD767080FA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Frame ID: 3FD2CEA7C66B796F9C9BAC4631F35663
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Frame ID: 7D03A419D95F68E9E88FEA80E556EB5F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Frame ID: 8D1370D9A8B24F4C184D9FCA29D1C8FB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OGQzMjVlMC05YmFlLTQ4NDYtOGFiYS1mMDQ4NzA5MGRhNWI=&gdpr=0&gdpr_consent=
Frame ID: 1A322E90FDE0CF2DFB43A22F6E1E25A5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 37A6E41C540FB9B9A7216BF19C0FEBBB
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 9002F293FFFE54274E2B9392D8399655
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Frame ID: 7D10F38EF5552655C5B24609D6FE8725
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F58548CEAC2F9E44DB361DB9F5845E68
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 6CB721BF4E6E39EA68EE6848F187EB29
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YIAAAZ6DxgAAAAA
Frame ID: 650D01593F1DE933A826C2DD85503F5E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Frame ID: 609CA843AA84104A9116B2D503BFF204
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Frame ID: 965B6548031242D9D75CDD6C239BD7B7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Frame ID: E436458BDA482DAFC8C2C2070EF66029
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82NWQ0ZTRhNi0xNTM3LTQwODYtOTQ0NS0xYWRmODg4ODA4YjQ=&gdpr=0&gdpr_consent=
Frame ID: 35F56F73BC4D46170C7AC7A43903FC20
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: C6FC7AEF2CC29DC0D64DCD0A4E057367
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: E35166BF77F39EC5277DAF484348F445
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Frame ID: 92354A46F18F6CF58C4A2456E4E53BD4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0B8F7F65D61878A71646638A88C850B6
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 18A83401CE48AEFFD4C438EFA1F392C8
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8XwAAOffDK0AAAAA
Frame ID: 2BA5F0CF2D5EC7BE3FC6560C5F4E0840
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Frame ID: 1BB8F3B66C2FC23CF0812AFA137E66F6
Requests: 1 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=51589900225339903912182011849009&a=870a97fa
Frame ID: 099071B1D7285D19A2C4FC683CE565CD
Requests: 10 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=d94061ee-f447-4000-9c05-557f1997fead&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: 2FBA41949428120011822960F2FE94FC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 15CC2FA49DF69365BE2C8272C1CB9230
Requests: 2 HTTP requests in this frame

Frame: https://54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 3A4643FA33BFE25EC843AD792F7556BC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: ED4A0249C03B5F4B0D19B56B0184E9C0
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13410438
Frame ID: 2EF22F21151C0323D2A360DDD23CBE5E
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 4CBF9990789494A3867F02DEF26A3205
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3F6E9D46BCA0F8F881D514381F4CA48C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUR0N35X&prvid=29%2C2034%2C2033%2C173%2C251%2C175%2C178%2C3018%2C3017%2C3016%2C214%2C159%2C237%2C117%2C70%2C97%2C99%2C77%2C3012%2C3010%2C182%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C80%2C10000%2C9%2C229%2C108%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 14CEECC4F7EF34BBD7C5F08D4D9F3D9E
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a8g0fvl1643050054292
Frame ID: D140A96221D4006DA4FED0C8F3798A07
Requests: 1 HTTP requests in this frame

Frame: https://f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 51DCDCEE658DD3AEE92400214D8FC47F
Requests: 1 HTTP requests in this frame

Frame: https://e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 583CCC4DEADA159C97F8253253845F7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Frame ID: 07A9C255AB5D5C0639C1E16728E172D7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Frame ID: 064F33AD994421B277B82DD42DAC483C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Frame ID: 873F88827E0F226759A8FF17420F116F
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Frame ID: 76411CF73A9C570CA19F3A8E81C854E9
Requests: 11 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: AFA1628339044AAE69912D56317088B6
Requests: 7 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 6E1320433CC613D510B630F9EA638F31
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 379FBE773FE666877F110D4527087D6A
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D4291A9DB23459BF49C0B2CA4F683B67
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B8202BE10354A3A1B406A8EE68F21769
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BE2A4E73EEC495FA025712DA8D179E50
Requests: 9 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Frame ID: 494907E9BBB8C6AE9B43EF033816893B
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Frame ID: 16F6E21B5F0B082746D97BAA342C0D36
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DB837DDB41330531C6723F9720F81EE6
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 5EF4A5A68E2164EC6F5D8BFE1E9DAEAC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8XwAAOffDL4AAAAA
Frame ID: E2CB0F29950732629C54EA7522C452E7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82NWQ0ZTRhNi0xNTM3LTQwODYtOTQ0NS0xYWRmODg4ODA4YjQ=&gdpr=0&gdpr_consent=
Frame ID: 8A2796DEE067BC124465A367F7EF595E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8661EB2514AF45D2C8C4FB4E88CCCFED
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 5A6D149F4AD839EC35F5C51F603D500F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 82AB9D4C7D0F33FFF3BA9BF3C156A8FD
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 3DD20FBF5F79C8F45197A67ACAB90416
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8YUAAJyTHKAAAAAA
Frame ID: D0331DDD48E983C3DF0E4A615CD8C95A
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 137F7223828C45784986488869670EC6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLaksb0BMAE&v=APEucNXDNnEha5Pn_swM9Poo0yCAHPP573FxV-99cDQwsgt3vNU9c8xLNv7cMC76pfOyxiG0lcyQtDHb_xgScaBs_cLUs0TC5QUptx-BtDQmUwhPYhzIV-Odx0b1IR4cgL0jUSVtrqiuzbipyGHElCCY58Q26yLn9AATTmr2DrYGWUnSdZjFBTI
Frame ID: 90CD813B9BDBE2450F0312F2850D6966
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMyXsb0BMAE&v=APEucNUcDrTdE7TkBln7omVzEo1MCSBV5fifKaIQafOuKGm7p0DnhY_h-DuW3AQMt4qihAGLcc9ZltRYksNBND179ZSUR5peD8y_lmrAldGzfXJ5eULRoh63p2v5BuGuqQntztQHjCzfFVdNxmfZOG5wQGOkcfiDsPcGGPgWK_U663BJ20xmW2M
Frame ID: CA73B0EFFCF87A2357223ACE99223222
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C18D6AFDCB77C3EFBF199700535A2D00
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Frame ID: 796D8F26D70F1B1492192E78E2E43FE1
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/10785504/10785504.js?ADFassetID=10785504&bv=514
Frame ID: 744F688D335AA9A61036063C80E11286
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 486DC79F5BEE6A84EB3AC78C32D95F01
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 151BBD7CDF12041D5C4C06A4E9C0B4C6
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
Frame ID: 8B6A3FFA83CA72EA440DA2E5D318E65F
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
Frame ID: 4B5E4502A9D18F87C737B42482986DB5
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 24FC77B5E2BB324A35D9F089D3AA7F61
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D9A0FBB7B946EC5660529973DBC0A2A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A73C5878205E9E16C75B270F18266ECA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5DB03A857277AC9E7764C0B2DF9F0C71
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 0D9CDED65FA8C7C09D336621578F5C84
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: EA8B32AF20358CA542835CA060944821
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B9E6540A5D029A7521CD2D19B96C148E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 5F92E5B6076D6BADCBCB592449A340FD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 4993ECEE978AFB01D839467804B02FE0
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9B414263290FE4D653E4DD949ADB284B
Requests: 10 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 142F2748CAD364B8D1AF773E110E1A41
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FD81BB4643366E78225D29B7C1087A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A119812010079BE7779B9DFD5BD617F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BFC5707D493FF66152D165F60EFB873
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0D17DF393E9C9454AC7AEDC42F566D7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0658D97F7F53650159851516F5DB888A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B039CE1CD9279DF9FBBAB04ABF17CE0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 916654378C00379623C1378ED88E6E19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AEDA8DEBFCE46596CD025B8B576C7D6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0479C778A8B8508C2E3661776AE902B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C032E4207A5EC2B244D7153DAD84B182
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E7093A2D3618E077577801DB2F8F00C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 451A2B0F08B5DD9EB788629C846127BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Frame ID: 983A41B95921E27678DCCA2ADFBE5811
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Frame ID: 7425EF2D10C4FF7E9A54D7FF3E57BBE3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 56DA02AF4C7EA64D22B66F20DA526332
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F736E7B724E844DCC9ADDC6F9578CC7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Merrill Lynch Fires Fairfield County Man Charged After Smoothie Shop Tirade, Report Says | Bedford Daily Voice

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

972
Requests

79 %
HTTPS

24 %
IPv6

147
Domains

256
Subdomains

176
IPs

15
Countries

10622 kB
Transfer

26672 kB
Size

205
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Request Chain 43
  • https://sb.scorecardresearch.com/b?c1=2&c2=20236510&ns__t=1643050053769&ns_c=UTF-8&cv=3.5&c8=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Report%20Says%20%7C%20Bedford%20Daily%20Voice&c7=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20236510&ns__t=1643050053769&ns_c=UTF-8&cv=3.5&c8=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Report%20Says%20%7C%20Bedford%20Daily%20Voice&c7=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&c9=
Request Chain 50
  • https://rp.liadm.com/j?dtstmp=1643050053849&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1643050053849&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
Request Chain 60
  • https://rp.liadm.com/j?dtstmp=1643050053984&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1643050053984&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
Request Chain 88
  • https://rp.liadm.com/p?dtstmp=1643050053984&aid=a-00ex&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ae=eyJtZXNzYWdlIjoie1wiYXBwSWRcIjpbXCJhLTAwZXhcIixudWxsXSxcIndyYXBwZXJOYW1lXCI6W1wibGMtYnVuZGxlXCIsXCJwcmViaWRcIl0sXCJjb2xsZWN0b3JVcmxcIjpbXCJodHRwczovL3JwLmxpYWRtLmNvbVwiLG51bGxdfSIsIm5hbWUiOiJMQ0R1cGxpY2F0aW9uIiwic3RhY2tUcmFjZSI6IkNvbmZpZ1NlbnQ6IEFkZGl0aW9uYWwgY29uZmlndXJhdGlvbiByZWNlaXZlZFxuICAgIGF0IGh0dHBzOi8vZGFpbHktdm9pY2UtcmVzLmNsb3VkaW5hcnkuY29tL3Jhdy91cGxvYWQvdjE2NDA5MTUyMjIvc3RhdGkuLi4ifQ&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg HTTP 302
  • https://rp4.liadm.com/p?dtstmp=1643050053984&aid=a-00ex&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ae=eyJtZXNzYWdlIjoie1wiYXBwSWRcIjpbXCJhLTAwZXhcIixudWxsXSxcIndyYXBwZXJOYW1lXCI6W1wibGMtYnVuZGxlXCIsXCJwcmViaWRcIl0sXCJjb2xsZWN0b3JVcmxcIjpbXCJodHRwczovL3JwLmxpYWRtLmNvbVwiLG51bGxdfSIsIm5hbWUiOiJMQ0R1cGxpY2F0aW9uIiwic3RhY2tUcmFjZSI6IkNvbmZpZ1NlbnQ6IEFkZGl0aW9uYWwgY29uZmlndXJhdGlvbiByZWNlaXZlZFxuICAgIGF0IGh0dHBzOi8vZGFpbHktdm9pY2UtcmVzLmNsb3VkaW5hcnkuY29tL3Jhdy91cGxvYWQvdjE2NDA5MTUyMjIvc3RhdGkuLi4ifQ&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
Request Chain 111
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 119
  • https://www.facebook.com/tr/?id=1143148579201165&ev=PageView&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&rl=&if=false&ts=1643050054361&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&fbp=fb.1.1643050054145.479505056&it=1643050053794&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&exp=p1&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&dpo=LDU&dpoco=0&dpost=0&ec=1&ev=PageView&exp=p1&fbp=fb.1.1643050054145.479505056&id=1143148579201165&if=false&it=1643050053794&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1643050054361&v=2.9.49
Request Chain 170
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=182e71dc-7d46-11ec-8199-1f0541440406 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=94&advUuid=182e719c-7d46-11ec-8199-1f0541440406
Request Chain 182
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=93&advUuid=555260ef-c587-45f1-8ae0-c0f496aeb4c1
Request Chain 183
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=99&advUuid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Request Chain 184
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D794714265208637407289&advId=121&advUuid=794714265208637407289 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=794714265208637407289
Request Chain 186
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61eef44680d18%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=105&advUuid=8766712360259569763
Request Chain 228
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00ex%2F0%2Fe20676c9892145d5a6a3ed95996ea458%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&6745e7ae-17ae-41c9-b8a5-b29aca78b996 HTTP 302
  • https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=7156&muid=d94061ee-f447-4000-9c05-557f1997fead
Request Chain 229
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=45b3f819-9c1d-422e-b008-efa913aeeeb1 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=45b3f819-9c1d-422e-b008-efa913aeeeb1
Request Chain 230
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00ex%2F0%2Fe20676c9892145d5a6a3ed95996ea458%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00ex%2F0%2Fe20676c9892145d5a6a3ed95996ea458%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=82775&muid=33954602667591782293093344066085338567
Request Chain 231
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6745e7ae-17ae-41c9-b8a5-b29aca78b996 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&rd=Y
Request Chain 232
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 303
  • https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=liveintent HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420190490776&expires=30&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
Request Chain 241
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 245
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FRueQIBMNWQuSIDOkLqP&pi=admatic&tc=1
Request Chain 260
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T253dEFyYU8 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T253dEFyYU8 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
Request Chain 262
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OnwtAraO&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OnwtAraO&gdpr=0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=45b3f819-9c1d-422e-b008-efa913aeeeb1
Request Chain 264
  • https://stags.bluekai.com/site/26357?id=OnwtAraO&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOnwtAraO%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OnwtAraO&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 267
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=8766712360259569763
Request Chain 269
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=0AE1D294-2B2E-417F-A012-150A310C50E5
Request Chain 270
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OnwtAraO HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=1035705701749506153
Request Chain 271
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 295
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D54eea1f944edcc2e HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54eea1f944edcc2e
Request Chain 299
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D54eea1f944edcc2e HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 300
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D54eea1f944edcc2e%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54eea1f944edcc2e&uid=8766712360259569763
Request Chain 301
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 307
  • https://ih.adscale.de/uu?cbfn=receive&t=1643050055 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1643050055&nut&uu=8bdee77727124e4e90d642231474edb2
Request Chain 324
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Request Chain 325
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 326
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1643050055726 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6788259908 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/45b3f819-9c1d-422e-b008-efa913aeeeb1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 328
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Request Chain 330
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=612cb020-e18f-4e70-818a-1ec844bbe7fb&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Request Chain 334
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Request Chain 335
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 339
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1643050055744 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5953797327 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/45b3f819-9c1d-422e-b008-efa913aeeeb1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 341
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Request Chain 343
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 345
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Request Chain 348
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Request Chain 349
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
Request Chain 353
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7210246882 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/45b3f819-9c1d-422e-b008-efa913aeeeb1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 355
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Request Chain 357
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=3519e8ef-4179-4723-9367-c5547ae0011f&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 359
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Request Chain 368
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=db80bd73-be08-4d09-94cf-74a8fe877873&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 370
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=45b3f819-9c1d-422e-b008-efa913aeeeb1&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 374
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6fc31644-06f7-43ce-b22e-b922eb2a0b75&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 375
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e30e4e09-47d8-479c-5f99-c139f5f2a246&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=33954602667591782293093344066085338567&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 377
  • https://bn01.er.bemail.it/zeotap.php?_bid=e30e4e09-47d8-479c-5f99-c139f5f2a246&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022012419-47360-0.815264001643050044-6bac30ae1c790409dc618027fc27b2e4&zdid=533&env=mWeb
Request Chain 378
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7056846251936512151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 379
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=e30e4e09-47d8-479c-5f99-c139f5f2a246 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=e30e4e09-47d8-479c-5f99-c139f5f2a246
Request Chain 380
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e30e4e09-47d8-479c-5f99-c139f5f2a246&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e30e4e09-47d8-479c-5f99-c139f5f2a246&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361&bounce=1&random=1036700513 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=rEvYWtVfWO1XPGOizQf1mO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 382
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e30e4e09-47d8-479c-5f99-c139f5f2a246?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e30e4e09-47d8-479c-5f99-c139f5f2a246?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=7b5e473e169153a7619e0ce7c3ab424c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 383
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ReuwirlE2oqTb2TzCgFB6d8ctmbN9BRN5Q--~A&zpartnerid=570&env=mWeb
Request Chain 384
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9zBgMaz7%2FWS5DtqL1ApS%2FLs%2BS41iYitP1U%3D
Request Chain 388
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361&_test=Ye70SAABBy83WABH HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ye70SAABBy83WABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&_test=Ye70SAABBy83WABH
Request Chain 389
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d94061ee-f447-4000-9c05-557f1997fead&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 390
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OnwtAraO&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e30e4e09-47d8-479c-5f99-c139f5f2a246
Request Chain 391
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&dcc=t
Request Chain 393
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Request Chain 419
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Request Chain 420
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Request Chain 421
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 422
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c67bc9d2e0464fac9e1708155619e66d&expiration=1645642055
Request Chain 424
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136456&gdpr=1
Request Chain 432
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Request Chain 433
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d94061ee-f447-4000-9c05-557f1997fead&gdpr=1&gdpr_consent=
Request Chain 438
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=lQ5oacULOTqODmk_mlkgaJMLbD-OCWw1kQZ1jGGk
Request Chain 439
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
Request Chain 441
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Request Chain 442
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Request Chain 446
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1b75aba9-08a7-4fe8-b3e4-47f88545190f
Request Chain 451
  • https://hal90009.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=9d09d7c48e&subid=&uid=a8a73e007f723c67&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4d7830eea5b668e41ab1558883a012b117e20ed3_15%26mt_aid%3D3941134859784582112%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_cid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F%26redirect%3D&documentReferer=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fdailyvoice.com&random=2806542301189&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=9d09d7c48e&subid=&uid=a8a73e007f723c67&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4d7830eea5b668e41ab1558883a012b117e20ed3_15%26mt_aid%3D3941134859784582112%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_cid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F%26redirect%3D&documentReferer=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fdailyvoice.com&random=2806542301189&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 454
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Request Chain 455
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Request Chain 459
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=9d16bdb3-df4b-4ce5-8ca6-dc19409f1b4d&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Request Chain 474
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Request Chain 475
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_61001eb7-d422-4353-b650-2d64f5ea790a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ca12eaa9-f273-4fcf-af43-97cc855ad919&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Request Chain 476
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%288aC1RFo2i6rja2jm6MDhHztTLjHgfGvM-jydmAPRhlJU52l2hE9giCepQ5JtGNik%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%288aC1RFo2i6rja2jm6MDhHztTLjHgfGvM-jydmAPRhlJU52l2hE9giCepQ5JtGNik%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_65d4e4a6-1537-4086-9445-1adf888808b4&obuid=ENC(8aC1RFo2i6rja2jm6MDhHztTLjHgfGvM-jydmAPRhlJU52l2hE9giCepQ5JtGNik) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=VrBUIL_JmK8zKB5nloeY
Request Chain 477
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
Request Chain 478
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-26049d05-0300-4bbe-701c-172a4182ed25$ip$84.19.175.184
Request Chain 479
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
Request Chain 480
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=19c29ceb-7d46-11ec-adc0-29ae3790b9b2
Request Chain 483
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_61001eb7-d422-4353-b650-2d64f5ea790a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=i0N6SIB-cZeynmOuoipk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22JQJY3FGSKCFVRVUZLZNZWU65LPNFYGWJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22JQJY3FGSKCFVRVUZLZNZWU65LPNFYGWJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=i0N6SIB-cZeynmOuoipk&us_privacy=1---
Request Chain 484
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
Request Chain 485
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003&rndcb=2821964151 HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=adconductor&bds_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=d17886cc-6113-4c61-b707-33b7efbeab99&expires=10&ssp=adconductor&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/4557f183-3838-48df-bbf2-f73b9b10a9b1?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 486
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=g0mmqsiGpUjS&ev=1&pid=558355
Request Chain 489
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Request Chain 490
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_88d325e0-9bae-4846-8aba-f0487090da5b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bebc4781-1764-470c-af9a-81651deb1ec0&ssp=gumgum2&expires=30&user_group=5&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Request Chain 491
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28JaHU3yocxyWUeIr4OxCCVj9LkmGN_6xz7T_utB6nl7SwwSREd5FURJJqsE0hABEz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28JaHU3yocxyWUeIr4OxCCVj9LkmGN_6xz7T_utB6nl7SwwSREd5FURJJqsE0hABEz%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_65d4e4a6-1537-4086-9445-1adf888808b4&obuid=ENC(JaHU3yocxyWUeIr4OxCCVj9LkmGN_6xz7T_utB6nl7SwwSREd5FURJJqsE0hABEz) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz
Request Chain 492
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
Request Chain 493
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4e31d384-391e-48a2-70cb-b24351c7711e$ip$84.19.175.184
Request Chain 494
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
Request Chain 495
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=19c29d64-7d46-11ec-a519-b1962ed8ea81
Request Chain 498
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_88d325e0-9bae-4846-8aba-f0487090da5b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=taPqLvjraDgId-1PqYdg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25DBKBYUY5TKOJQUIZ2JMQWTCUDRLFSGOJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25DBKBYUY5TKOJQUIZ2JMQWTCUDRLFSGOJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=taPqLvjraDgId-1PqYdg&us_privacy=1---
Request Chain 499
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
Request Chain 500
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003&rndcb=8272538175 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1&google_hm=NDU1N2YxODMtMzgzOC00OGRmLWJiZjItZjczYjliMTBhOWIx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEahGcyMOenctxKwjQR8QWQ&google_cver=1&ssp=adconductor&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/4557f183-3838-48df-bbf2-f73b9b10a9b1?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 501
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=Xfa5nugf6Nma&ev=1&pid=558355
Request Chain 507
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Request Chain 508
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bebc4781-1764-470c-af9a-81651deb1ec0&ssp=gumgum2&expires=30&user_group=5&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Request Chain 509
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_65d4e4a6-1537-4086-9445-1adf888808b4&obuid=ENC(lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING
Request Chain 510
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
Request Chain 511
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-66753af1-8f9a-4db8-7946-7c657dba76e3$ip$84.19.175.184
Request Chain 512
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
Request Chain 513
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=19c2eb5f-7d46-11ec-aad8-9f94043e2d80
Request Chain 516
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=VrBUIL_JmK8zKB5nloeY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTSIJKUSTC7JJWUWOD2JNBDK3TMN5SVSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTSIJKUSTC7JJWUWOD2JNBDK3TMN5SVSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
Request Chain 517
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
Request Chain 518
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003&rndcb=6604578814 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=7fbe4ca5-e716-5318-b0bf-0fc2d151fb8b&ssp=adconductor&expires=30&user_group=1 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/4557f183-3838-48df-bbf2-f73b9b10a9b1?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 519
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=ycQgNgUO2mg4&ev=1&pid=558355
Request Chain 525
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 527
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Request Chain 530
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8766712360259569763&gdpr=0&gdpr_consent=
Request Chain 531
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 532
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
Request Chain 533
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=9KYIKNP7qj5n&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 535
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=eZv2DSmep15im_dbdsy-DH-e8ltinPJRfZPyHhLk
Request Chain 536
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=7f6b392868&gdpr=0&gdpr_consent=
Request Chain 537
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4355392426661488491&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4355392426661488491&gdpr=0&gdpr_consent=&dcc=t
Request Chain 538
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd8c95bad-6abf-456c-853b-382365fa1b84&expires=7&user_group=5&ssp=smartadserver&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4557f183-3838-48df-bbf2-f73b9b10a9b1&gdpr=&gdpr_consent=
Request Chain 544
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Request Chain 545
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Request Chain 549
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Request Chain 550
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 552
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YUAAJyTHJYAAAAA
Request Chain 553
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Request Chain 554
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Request Chain 555
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Request Chain 559
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Request Chain 560
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 562
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YIAAAZ6DxgAAAAA
Request Chain 563
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Request Chain 565
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Request Chain 570
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Request Chain 571
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 573
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8XwAAOffDK0AAAAA
Request Chain 574
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Request Chain 617
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYT1KVKK-6-FUJ0&sigv=1&esig=2~449c6f8be1eda91639989c50cac9cb1934c21d26
Request Chain 618
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ye70SAABBy83WABH
Request Chain 621
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow
Request Chain 622
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjJjZGRhMDJiNDBkMTQyNjQ0ZGM4ZmVlZmFlMDM2OTJiOTdhZjA5Zg
Request Chain 623
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPcjW2VgTkYaevHNpIfJ2aI&google_cver=1
Request Chain 624
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d94061ee-f447-4000-9c05-557f1997fead&expires=28
Request Chain 637
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=8bdee77727124e4e90d642231474edb2&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=101&tpuid=BBID-01-03177640579542809-16507512
Request Chain 659
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.26%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6640133194 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.26/no-consent?zcc=0&sspret=1&rndcb=6640133194 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 662
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Request Chain 663
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
Request Chain 664
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Request Chain 666
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 667
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Request Chain 696
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=&google_gid=CAESEAIqfYBU0mCrzslnuqeEG_0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 697
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6472559499329098849 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=
Request Chain 700
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=a7de7796f2d63934349e1618befad6a4dda69a6dce4484f41f88c6e257286a4f&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Ye70RiWLROK0s22WR3QvzgAA%261108
Request Chain 703
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03030001_61eef44a55c11&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_61eef44a55c11&gdpr=0&gdpr_consent=
Request Chain 704
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=VrBUIL_JmK8zKB5nloeY&gdpr=0
Request Chain 705
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent=
Request Chain 706
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0&gdpr_consent=
Request Chain 709
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=VrBUIL_JmK8zKB5nloeY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTSIJKUSTC7JJWUWOD2JNBDK3TMN5SVSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTSIJKUSTC7JJWUWOD2JNBDK3TMN5SVSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
Request Chain 710
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1506%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4723330714 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1506/8766712360259569763?zcc=0&sspret=1&rndcb=4723330714 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Request Chain 715
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=VrBUIL_JmK8zKB5nloeY&gdpr=1
Request Chain 720
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b85e455b-edd0-4a82-836c-b3822ec13f6f&expiration=1674586058
Request Chain 721
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
Request Chain 722
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1c9118a5-c7cb-4203-96da-b240346a9c05
Request Chain 723
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6963364581423386183&uid=Q6963364581423386183&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 727
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
Request Chain 729
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6963364581884121236&uid=Q6963364581884121236&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 731
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
Request Chain 733
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 735
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8XwAAOffDL4AAAAA
Request Chain 739
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 741
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8YUAAJyTHKAAAAAA
Request Chain 742
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 768
  • https://track.adform.net/serving/cookie/match/?party=9&uid=8f3de30e8e4b93df1b8f23f66cc5d3eb0354458c2bba478408b5c6551fa00517&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=42&gdpr=0&tpuid=6472559499329098849
Request Chain 781
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
Request Chain 782
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye70RiWLROK0s22WR3QvzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
Request Chain 783
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyGhhC_qCvj7fM6dS9Aw68&google_cver=1
Request Chain 784
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc2NjcxMjM2MDI1OTU2OTc2Mw%3D%3D
Request Chain 788
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZc_LqXqFRqDQdNMzbZS9M&google_cver=1
Request Chain 790
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELCSWkUi8kB9k6XBcIZgx6I&google_cver=1
Request Chain 795
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=aaf4c4ee1a33dba0e7f35a851ddc967fc1975154e1d984b643f9ec2b95c553d4&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0
Request Chain 796
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENpqldn23BUmNCsjXLl1WSo&google_cver=1&google_push=AYg5qPILjvv61MgI5T94cQ36tG8_D2oQXkBx3c5M_wyXokqKKm8G5MGHpIGU3vCFH2Wnj3dfeudsrknEP15AEbS8JQ7gmVm0cAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPILjvv61MgI5T94cQ36tG8_D2oQXkBx3c5M_wyXokqKKm8G5MGHpIGU3vCFH2Wnj3dfeudsrknEP15AEbS8JQ7gmVm0cAA&google_hm=HbQAUTp5cMURnEY84Rsr8w
Request Chain 797
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKid5WQeSZZm6w64Q6J6NR8YXMt_Z4d99If2ViZ22HrybQed_cIObZrgJBTKqW_ZpUvLK3LnJSdTyH2ihthDqTy5V6OFM0&google_gid=CAESEP6xRcpkuQdquuLRadpy1JI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjQxODQ3MzUwMDAxNzkwNTAzNjMzMQ%3D%3D&google_push=AYg5qPKid5WQeSZZm6w64Q6J6NR8YXMt_Z4d99If2ViZ22HrybQed_cIObZrgJBTKqW_ZpUvLK3LnJSdTyH2ihthDqTy5V6OFM0
Request Chain 799
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMK1CsYAYcEnlMy6XsvzOz0&google_cver=1&google_push=AYg5qPK_DRev0cTR9paUTTcSaSq6P7jCpJh-II-An-JBXmzs_z2VdIXIoZBwiYloutw5VsBcS2db_ktvjckJCMS69SWkxz8lymU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_DRev0cTR9paUTTcSaSq6P7jCpJh-II-An-JBXmzs_z2VdIXIoZBwiYloutw5VsBcS2db_ktvjckJCMS69SWkxz8lymU
Request Chain 800
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL0k9Fjf2yUy3HXhYT7lmh4&google_cver=1&google_push=AYg5qPITm0Jp_C9v4NoqCK0AuMCSJOoJgv9ZFhd4ylsSlSW6Gm3iQcotxbLHcFQuic8jbyNkKD5-IlK9wzrNx1EcDrOveiXOds4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPITm0Jp_C9v4NoqCK0AuMCSJOoJgv9ZFhd4ylsSlSW6Gm3iQcotxbLHcFQuic8jbyNkKD5-IlK9wzrNx1EcDrOveiXOds4
Request Chain 801
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA
Request Chain 802
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDysRdyc9a-eESzFU_Sze68&google_cver=1&google_push=AYg5qPJSxhTTb5bs0YiZLIOmJUZKFCahSHtIn5ejQKNk90SvNST5wjfmjuTW3qd1RGXy0wzr7M8q0beVgw4IdQ8u-bNWYyWrfOLZ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSxhTTb5bs0YiZLIOmJUZKFCahSHtIn5ejQKNk90SvNST5wjfmjuTW3qd1RGXy0wzr7M8q0beVgw4IdQ8u-bNWYyWrfOLZ&google_hm=
Request Chain 810
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b4f01ebda7eb2be7223010efc7a03a3285e18a4e534237e7430c9b241883dd80&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Request Chain 847
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=eff99a1de6427afe5dcea78756b7ff9&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e5f57_7056846256211501085 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWZmOTlhMWRlNjQyN2FmZTVkY2VhNzg3NTZiN2ZmOQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAXMWghxRM_s3R1ek1xzYN8&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=45b3f819-9c1d-422e-b008-efa913aeeeb1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/eff99a1de6427afe5dcea78756b7ff9?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-xW.pcK9E2oO1f7WmU3cntx3PQBgvF8hSEBOG4CeY~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8766712360259569763 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=IlPSOnrm1Nc4np5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Ye70SAABBy83WABH&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6472559499329098849 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
Request Chain 849
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP1ad0b175-7d46-11ec-87f3-021df0b59d2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAxYWQwYjE3NS03ZDQ2LTExZWMtODdmMy0wMjFkZjBiNTlkMmE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEN51s6Ia2YoPwUks-4NFIaU&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEN51s6Ia2YoPwUks-4NFIaU&google_cver=1&apid=UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
Request Chain 850
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=45b3f819-9c1d-422e-b008-efa913aeeeb1&_origin=1&gdpr=1&gdpr_consent=
Request Chain 851
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=9c91750d26645f40ff5cb155db81f75d8d13f41363ee2a28746a420310362e7a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?uid=9c91750d26645f40ff5cb155db81f75d8d13f41363ee2a28746a420310362e7a&tpid=38&gdpr=0&tpuid=CAESEDLy4DIdeT5BYEfKU1lO5ZE&google_cver=1
Request Chain 856
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENpqldn23BUmNCsjXLl1WSo&google_cver=1&google_push=AYg5qPJvCzsPGdoxJQsSEGDIgEkglvALxWNm1EB9lY4tM9wbs4yDGNh-rdwWPIgOWgRLQE4XrnEiuHbO6FpnUn8tL0x9pRY7HzAH HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJvCzsPGdoxJQsSEGDIgEkglvALxWNm1EB9lY4tM9wbs4yDGNh-rdwWPIgOWgRLQE4XrnEiuHbO6FpnUn8tL0x9pRY7HzAH&google_hm=HbQAUTp5cMURnEY84Rsr8w
Request Chain 857
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKEOt_QBg33GuRVQ5MTPeJP9vB7PmS3NfKoirJwQ19LPtjEn7KfhgSIXGCpIXT5co4vas2vVaFTxAkNTiExpwsrXxmy4EQz&google_gid=CAESECyRkoZstNCTY-DFfFeVZIA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWU3MFNBQUJCeTgzV0FCSA&google_push=AYg5qPKEOt_QBg33GuRVQ5MTPeJP9vB7PmS3NfKoirJwQ19LPtjEn7KfhgSIXGCpIXT5co4vas2vVaFTxAkNTiExpwsrXxmy4EQz
Request Chain 858
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJF5jNWTYz8rPp13FyhOMYTuHV5yp-JDUJCqGtSAnt3zUSmxvBoVvz_2WJcCYdnP0ZZ33vu2t8V4nc3Z_Sifq7KpAh_WI6_&google_gid=CAESEPv-m_5P_zP_m3eb5GGK2M8&google_cver=1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUtSS0lUeEQ2VzJKbHh4RlpDS2JXYXhuV21YLVpVSEhjUTJBSE9CTlBTdw==&google_push
Request Chain 860
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMK1CsYAYcEnlMy6XsvzOz0&google_cver=1&google_push=AYg5qPICZQIr1ys8uSv8B26feWWoCqSfiMcap1Fo1RbtKuOlRU1O7oW7NgUqWBj_6I5SvUz_jYstGuhmd8Z0j703p13u7CqlPUIy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPICZQIr1ys8uSv8B26feWWoCqSfiMcap1Fo1RbtKuOlRU1O7oW7NgUqWBj_6I5SvUz_jYstGuhmd8Z0j703p13u7CqlPUIy
Request Chain 861
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL0k9Fjf2yUy3HXhYT7lmh4&google_cver=1&google_push=AYg5qPJBsiJfKQZybXSwI2pwHQ50epUWWHzoQ6qmMM206jfHYZcqMawtwq3F61dKAYQjH-Ym2CEXcZz9L5ssR2EzJiHyetwRqcc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJBsiJfKQZybXSwI2pwHQ50epUWWHzoQ6qmMM206jfHYZcqMawtwq3F61dKAYQjH-Ym2CEXcZz9L5ssR2EzJiHyetwRqcc
Request Chain 862
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1
Request Chain 864
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENpqldn23BUmNCsjXLl1WSo&google_cver=1&google_push=AYg5qPKrXqAM3QZb8piilLe3qUoOLaNm9foMtaioDfF1XV8OgbikgOij49RQgCmrTekMXrcgxlA7akkeEXQ8IpkcwWApaWewPnQy HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKrXqAM3QZb8piilLe3qUoOLaNm9foMtaioDfF1XV8OgbikgOij49RQgCmrTekMXrcgxlA7akkeEXQ8IpkcwWApaWewPnQy&google_hm=HbQAUTp5cMURnEY84Rsr8w
Request Chain 867
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMK1CsYAYcEnlMy6XsvzOz0&google_cver=1&google_push=AYg5qPJ1ZREqdjJy8o2RtZNBQOQ4LRUsbRMfmUGl7whiCFMmZ5vaOAOgvaO-w9Egij-sZI6lehltfJSvALNBB8n83yKzsA6z26gT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ1ZREqdjJy8o2RtZNBQOQ4LRUsbRMfmUGl7whiCFMmZ5vaOAOgvaO-w9Egij-sZI6lehltfJSvALNBB8n83yKzsA6z26gT
Request Chain 868
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL0k9Fjf2yUy3HXhYT7lmh4&google_cver=1&google_push=AYg5qPJgCzTTsCMRntZGF48h5KrphtbRecKLtKadcljTdCqB_byHzR3VVZQD4-vigXz6B0DBQSt7WHUkLT8NOO_IUIFvEkCTnI4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJgCzTTsCMRntZGF48h5KrphtbRecKLtKadcljTdCqB_byHzR3VVZQD4-vigXz6B0DBQSt7WHUkLT8NOO_IUIFvEkCTnI4
Request Chain 869
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp
Request Chain 870
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDysRdyc9a-eESzFU_Sze68&google_cver=1&google_push=AYg5qPIPMDt3kURMyEr__6M1B_k4aFEnnM5xqB7RnbPUVNct76RxHvDL0uIBC8XWG_gQhXsqfZ6SEBYlZpv_cGm_aL20qTax02dkQw HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPMDt3kURMyEr__6M1B_k4aFEnnM5xqB7RnbPUVNct76RxHvDL0uIBC8XWG_gQhXsqfZ6SEBYlZpv_cGm_aL20qTax02dkQw&google_hm=
Request Chain 874
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=75&tpuid=8766712360259569763&gdpr=0
Request Chain 880
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136459&gdpr=1
Request Chain 882
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1645642059
Request Chain 883
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZnU68Y-aTbh5Rnxlfbp241QTr7g
Request Chain 885
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=IlPSOnrm1Nc4np5&gdpr=1
Request Chain 890
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=da361e87b62ec71d2a5ef969006a32dca58cd40318dc985c7a2810115e606e14&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=da361e87b62ec71d2a5ef969006a32dca58cd40318dc985c7a2810115e606e14&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/js?tpid=48&tpuid=5237b11baa219adb71f4761b09da6af6
Request Chain 902
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d94061ee-f447-4000-9c05-557f1997fead
Request Chain 903
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7b5e473e169153a7619e0ce7c3ab424c&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=db80bd73-be08-4d09-94cf-74a8fe877873
Request Chain 906
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/7b5e473e169153a7619e0ce7c3ab424c/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7745894741315734165
Request Chain 959
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=ZPSpWjdEDS0mqTPzefuWYNQn&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Request Chain 960
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bebc4781-1764-470c-af9a-81651deb1ec0&ssp=admatic&expires=30&user_group=5&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Request Chain 980
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admatic&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Request Chain 982
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6472559499329098849&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=

972 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/ 		929 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.251.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-251-150.compute-1.amazonaws.com
Software
nginx/1.21.5 /
Resource Hash
ab43e071181b69985be18d009ef96cbdd91ebf49700fa2bf6c3cfb88b9022b9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-type
text/html; charset=utf-8
content-length
69053
server
nginx/1.21.5
cache-control
max-age=300
content-security-policy
upgrade-insecure-requests; default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:
content-security-policy-report-only
default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://dailyvoice.report-uri.com/r/d/csp/reportOnly
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-encoding
gzip
x-varnish
1901945
age
0
via
1.1 varnish-v4
accept-ranges
bytes
public_zatrwh.css
daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/ 		527 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/public_zatrwh.css
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
341de0257c0425486be22cd1b730c6cbf704b86ae4780d6b6d4061d0364fffd1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 19:42:29 GMT
server
Cloudinary
etag
W/"c530b5bc44f4b5864a98669a6e678039"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.377Z;desc=hit,rtt;dur=14
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
54891
print_gtp594.css
daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/print_gtp594.css
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
02e0522791708d7ee78f6b51983bfaa8185d44401b513a6f8a4cef262673fad1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 19:42:29 GMT
server
Cloudinary
etag
W/"04546488b74712299ac190b03b4fad3b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.377Z;desc=hit,rtt;dur=14
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
7361
js
maps.googleapis.com/maps/api/ 		160 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyB5kIm2RDdQ85S5eYuUXQRbOxsNNQjFNkI&libraries=places
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
d3f263b0cac5e90d6334c9976df1230f104be4af478a842642e2ae65b5b83af5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=12
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53619
x-xss-protection
0
expires
Mon, 24 Jan 2022 19:17:33 GMT
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1551
x-guploader-uploadid
ADPycdvzpW9wuwwbDjiWZW3tMJxcQLDdrOt4CjsLcT0PdIF7hSHskZVW7XrtXn73wON6Ky38AQ4XUaUcZ-T0-JyL067RXsHZUw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N%2B588Sg6D3nmI%2BwN0t5wlz1it8HlTx93J6y9YIwOlDFyB7Hxn57BpwGwRgtf9kr3pHLuhh%2F2VuDJ1y1nPOt6XydQxQyELAvSkFca%2Bcldkvi0a9s49jdhTDWfmbLtkZ6Q4fxD3d9ec1dViY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620765108454625
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1752
cf-ray
6d2b6e5298f269eb-MAD
expires
Mon, 24 Jan 2022 18:41:28 GMT
dv-logo.svg
daily-voice-res.cloudinary.com/image/upload/v1438259160/static/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/v1438259160/static/dv-logo.svg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2d872ff0d2ad9d34546ccd9e2576ee43ebc6e11342e8f9933b83c4fc1caf7dfa
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="dv-logo.svg"
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.388Z;desc=hit,rtt;dur=14
vary
Accept-Encoding
content-length
751
last-modified
Thu, 30 Jul 2015 12:26:01 GMT
server
Cloudinary
etag
W/"96d7864dd655a7e0ef941eb1ebb4f063"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
sct.png
daily-voice-res.cloudinary.com/image/upload/v1437498050/weather_icons/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/v1437498050/weather_icons/sct.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
04e8be4eda338e3130067f326b7d85d633d42da0ef11e4c80110fba169c63e92
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 Aug 2015 01:20:18 GMT
server
Cloudinary
etag
"162bc1134018889615cb97b5415bcb6e"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=2;cpu=1;start=2022-01-24T18:47:33.388Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
17708
Nicole_Valinote_headshot_uafrpr.jpg
daily-voice-res.cloudinary.com/image/upload/c_fill,g_face,h_40,q_auto:eco,w_40/ 		667 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/c_fill,g_face,h_40,q_auto:eco,w_40/Nicole_Valinote_headshot_uafrpr.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
8eba88c55c05856fec5e75324fd15924e60a72891048750dc0bec8336b8dfb9f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Jul 2021 20:55:43 GMT
server
Cloudinary
etag
"f76ac601ce464c51e20cf0f66a4b6095"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.388Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
667
image0_mcghnb
daily-voice-res.cloudinary.com/image/upload/c_fill,dpr_1,f_auto,q_auto:eco,w_640/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/c_fill,dpr_1,f_auto,q_auto:eco,w_640/image0_mcghnb
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
09dab65f1fb6da84d9fe34d4964bb097fb3e87e7a65af3509c140d0b324d90d5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="image0_mcghnb.webp"
server-timing
fastly;dur=2;cpu=1;start=2022-01-24T18:47:33.388Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
18216
last-modified
Sun, 23 Jan 2022 18:00:58 GMT
server
Cloudinary
etag
"9bdd7254320be318685f4e2aacebe1c6"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
Screen_Shot_2022-01-24_at_10.36.25_AM_o1dd6l.jpg
daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/Screen_Shot_2022-01-24_at_10.36.25_AM_o1dd6l.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bdd3aa348169c918141603e6348678ba28f13cf198b9efb700a3ae12966ad4ea
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="Screen_Shot_2022-01-24_at_10.36.25_AM_o1dd6l.webp"
server-timing
fastly;dur=2;cpu=1;start=2022-01-24T18:47:33.389Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
4840
last-modified
Mon, 24 Jan 2022 16:00:02 GMT
server
Cloudinary
etag
"fb644a9c1efd8e951135b9730742708c"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
covid-19-5064282_1280_hzhhi4.jpg
daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/ 		614 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/covid-19-5064282_1280_hzhhi4.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
12569afdd652f18340e93e34bb43e3705c333777a1b8e5e4f2e47546fae6b7f6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="covid-19-5064282_1280_hzhhi4.webp"
server-timing
fastly;dur=2;cpu=0;start=2022-01-24T18:47:33.389Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
614
last-modified
Wed, 08 Dec 2021 00:00:03 GMT
server
Cloudinary
etag
"7e820c155cea3eee894fb2dc1fd96991"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
hollywood-sign-1598473_1280_b8qq5c.jpg
daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/hollywood-sign-1598473_1280_b8qq5c.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
439d78d8716a93192ba439c5baa59f63f97ed7f48027dbc861156674dff36777
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="hollywood-sign-1598473_1280_b8qq5c.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:33.391Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
2018
last-modified
Sat, 22 Jan 2022 16:00:23 GMT
server
Cloudinary
etag
"a160b85cc8271368b0c21d11a7908551"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
Nicole_Valinote_headshot_uafrpr.jpg
daily-voice-res.cloudinary.com/image/upload/c_fill,g_face,h_40,w_40/ 		790 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/c_fill,g_face,h_40,w_40/Nicole_Valinote_headshot_uafrpr.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
86b3c4b288e5bc08199fcae000013c8326b5f34bd3bd1e6ee1353d212669f7a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 15:33:00 GMT
server
Cloudinary
etag
"cb9c801297ddda70971d865229e0f6b6"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.391Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
790
Screen_Shot_2021-12-21_at_11.04.33_AM_fcet6k.jpg
daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/Screen_Shot_2021-12-21_at_11.04.33_AM_fcet6k.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9a7f7771cfb350d8c0557875b7e45ec78cd0827afddabc82cacd3e4f8b1aca3e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="Screen_Shot_2021-12-21_at_11.04.33_AM_fcet6k.webp"
server-timing
fastly;dur=2;cpu=0;start=2022-01-24T18:47:33.391Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
8092
last-modified
Tue, 21 Dec 2021 20:19:48 GMT
server
Cloudinary
etag
"0238439158f62c743a53fdc130bb8b7d"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
271949480_4861291957296556_5966096195486755593_n_pbdptp.jpg
daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/271949480_4861291957296556_5966096195486755593_n_pbdptp.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0281664dd2acfdc2e0a81413b2399b5c2118debc2d5c5cb78bbbc003f24f910d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="271949480_4861291957296556_5966096195486755593_n_pbdptp.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:33.391Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
1398
last-modified
Tue, 18 Jan 2022 20:00:02 GMT
server
Cloudinary
etag
"87bcddeb6b644054f3281cd2344e56d3"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
newsnet-photo-fid-3088095.jpg
daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/ 		664 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/ar_1:1,c_fill,dpr_1,f_auto,g_faces,q_auto:eco,w_80/newsnet-photo-fid-3088095.jpg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
961bbe2091344e671fdc5ccfb9d23892141ec5efec6dbff56419a37f2c2fbb1b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="newsnet-photo-fid-3088095.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:33.391Z;desc=hit,rtt;dur=14
vary
Accept,User-Agent
content-length
664
last-modified
Sat, 22 Jan 2022 16:00:36 GMT
server
Cloudinary
etag
"dfbc0181f158ce6a795002f95388d5ec"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
common_ylkonb.js
daily-voice-res.cloudinary.com/raw/upload/v1642534946/dynamic/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daily-voice-res.cloudinary.com/raw/upload/v1642534946/dynamic/common_ylkonb.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
25d485776d392aa8419cac261fa252195ded130261772e5447397b895344a545
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 19:42:27 GMT
server
Cloudinary
etag
W/"59845d38bf211d5855a0adc17eb1aaac"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:33.392Z;desc=hit,rtt;dur=14
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
77933
ccpa-liveramp.js
ccpa-wrapper.privacymanager.io/ccpa/ff42a9f2-125b-40bb-a362-3a504e7353c7/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa-wrapper.privacymanager.io/ccpa/ff42a9f2-125b-40bb-a362-3a504e7353c7/ccpa-liveramp.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b3:1c00:3:f9b0:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a30d597b887245f03e9b93c73beb736bb3ea5f96bd26b041540dfffa81246cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 23:26:16 GMT
content-encoding
gzip
age
69678
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="ccpa-liveramp.js"
last-modified
Tue, 08 Sep 2020 18:52:06 GMT
server
AmazonS3
etag
W/"fe9eca399f8bba28d973a9c8f99e590c"
vary
Accept-Encoding
x-amz-version-id
QAa0hwC4_BoqCTI31iX5Toe3fMhAfzrc
via
1.1 6b8db06427c7e39e9e30be778e233838.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
content-type
text/javascript
x-amz-cf-id
oxaOO2AnutYVLcc_qiaO_AOwd63vH-3suIIKo9s1i9mpVQtc7C3YFw==
grumi-ip.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47cca8baf879070d282bd67a06c822b14d7d844ddd2e0d772fc393fc593fa645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 17:47:29 GMT
content-encoding
br
last-modified
Sun, 09 Jan 2022 08:21:39 GMT
server
AmazonS3
age
3605
etag
W/"5d1b77816a376edca7332425223ed8c6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
n2E3l9FhX_KA.NBvNcXChPsZXzxgC7rh
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
OhEBA1mqhCmPk4ucYURz9FJ94CS5lcqT42z0t8HOnuL3out30Ygm2Q==
a-00ex.min.js
b-code.liadm.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-00ex.min.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZIO-Http /
Resource Hash
96409880e108e121cd844d02e12cfbfc6efee61acaf8a00eff02e45dde269504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 15:57:38 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server
ZIO-Http
age
10195
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
content-encoding
gzip
x-amz-cf-id
76QKfHjJXb-yKnGMlFY5ZxY7Uicft9WD4-OnCm8bbFowjZ77h0iBEQ==
public_qhto1v.js
daily-voice-res.cloudinary.com/raw/upload/v1642534944/dynamic/ 		171 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daily-voice-res.cloudinary.com/raw/upload/v1642534944/dynamic/public_qhto1v.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3737cf9f8496a4f555141da7069ba2bfd5b4c8db95d2f24d724413eaba228a4f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 19:42:25 GMT
server
Cloudinary
etag
W/"2fb784d869b14998270b43d0587acd8e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.392Z;desc=hit,rtt;dur=14
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
49750
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB5kIm2RDdQ85S5eYuUXQRbOxsNNQjFNkI&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
pubfig.min.js
a.pub.network/dailyvoice-com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/dailyvoice-com/pubfig.min.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
053f95942fe3a0a8de6b157941d29cbab8570f1fe21823d88e8b0e70ffc9e9af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=DBF4Nw==, md5=7BWusBVvhJwhP67JjS7tkg==
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76550
x-guploader-uploadid
ADPycdso6ybLuFHsKdbn3bymxkPvFL9JwB2lITtrI2niszBB-RGWyMsJSjdni5KVfeQC3ehMvSPJeaQrvYYAzQayyioFL4UVFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 23 Dec 2021 17:06:20 GMT
server
cloudflare
etag
W/"ec15aeb0156f849c213faec98d2eed92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RAlWLMc7nhTgUGQJXxemZ%2FsGgTawIvXLFNZKR5fUCMby%2B5ZrtzQlPvSUEhyqqTQ3MWCwnZ9j6rmBvZgvfiWdD8EVfleKeRCGlvDW5zfmipDLeLSyh1i22R1%2BCzXSeHkoHNbLfdTh%2B2CGtE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1640279180402886
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
120876
cf-ray
6d2b6e52f9a469eb-MAD
expires
Sun, 23 Jan 2022 21:32:43 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4359
date
Mon, 24 Jan 2022 17:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 24 Jan 2022 19:34:54 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5CPN2G
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79f2f9f9d5a6f81f04c92d0eb625c832d0d70f3efc41db1bdc9906f717f340f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36898
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 18:24:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Jan 2022 18:47:33 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26187
x-xss-protection
0
pragma
public
x-fb-debug
Bm8iCcxkAXxkp4IKXJuNj1svn+C3DB4E6pAN/4ae+mW70YfP9c45GU+ZtX78ugze241g1cM7MdMq506bdtBHLQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 24 Jan 2022 18:47:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
google-play.svg
res.cloudinary.com/daily-voice/image/upload/v1/static/ 		1 KB
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/daily-voice/image/upload/v1/static/google-play.svg
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/public_zatrwh.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9ee7d9f8e5d3c6dfa344ba2cd352da17acf8f5c6a8065349b094caf6a2a0ccfe
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daily-voice-res.cloudinary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="google-play.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:33.596Z;desc=hit,rtt;dur=14
vary
Accept-Encoding
content-length
509
last-modified
Tue, 19 Jun 2018 06:37:37 GMT
server
Cloudinary
etag
W/"9b649ad06a3e80861a7e5ca03dad06c9"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
apple-icon-white.svg
res.cloudinary.com/daily-voice/image/upload/v1/static/ 		1 KB
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/daily-voice/image/upload/v1/static/apple-icon-white.svg
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/public_zatrwh.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7383a0e8f344704002797c756d99471f2f51cc4604e05605ed2778cac4ff6662
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daily-voice-res.cloudinary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="apple-icon-white.svg"
server-timing
fastly;dur=2;cpu=0;start=2022-01-24T18:47:33.597Z;desc=hit,rtt;dur=14
vary
Accept-Encoding
content-length
570
last-modified
Tue, 19 Jun 2018 06:37:15 GMT
server
Cloudinary
etag
W/"344d0b445d6c0d5684ee5554e605d210"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
icons-10192016.woff2
daily-voice-res.cloudinary.com/raw/upload/v1438260550/static/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://daily-voice-res.cloudinary.com/raw/upload/v1438260550/static/fonts/icons-10192016.woff2
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/public_zatrwh.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3dcff22576afe55b8b9f2f2b9be42b5fe5b41e2c72b5f61c7441f84c64ed8815
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/public_zatrwh.css
Origin
https://dailyvoice.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
last-modified
Wed, 19 Oct 2016 20:44:46 GMT
server
Cloudinary
etag
"8197f0b31d5a8349cb8c747eab001471"
strict-transport-security
max-age=604800
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing
cache-control
public, no-transform, immutable, max-age=31557600
content-disposition
attachment; filename="icons-10192016.woff2"
server-timing
fastly;dur=2;cpu=1;start=2022-01-24T18:47:33.622Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
22392
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-116.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:29:57 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
51461
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
hBX_FIrudbbAUQXCA3YAXtfaPh4nn2FSCfvGKvdajuHbbMeP2xQ_nQ==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 31 Jan 2022 18:47:33 GMT
analytics-1.5.12.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
2600:9000:2315:2200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:39:13 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 09:55:56 GMT
server
AmazonS3
age
86901
etag
W/"13a05c433850fad0455e2ee1a1707eb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control
max-age=259200,public
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
_VBAE9s3hwlqcKbzXmZGbr7yzGFZQARPYlfDLQ40r7AZSmPhUI_mlw==

Redirect headers

date
Mon, 24 Jan 2022 11:47:47 GMT
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
server
AmazonS3
age
25186
x-cache
RefreshHit from cloudfront
location
/dist/analytics-1.5.12.min.js
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
zOyVbrpTswFG2de3JbwfXNmd_NRl5QoslXzWiVQj4vlJeHSMxsID3g==
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-74.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 10:24:19 GMT
content-encoding
gzip
age
30195
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
BFH1jpIa2oeuJF8u1eljYHwRND_bmba5KUGvgo1Mlw0AZiB8U39q8Q==
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab281418008d9a4af09efecb9f6b5c2c2df84b6f5e587416340c8786fcf00631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27073
x-xss-protection
0
server
sffe
etag
"1111 / 876 of 1000 / last-modified: 1643049547"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Jan 2022 18:47:33 GMT
Prebid6.5.0_20211230.js
daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/ 		304 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d577257aee17f276c14925a8ad6bc548c586bfb77941e04cec1b12d3f22179f4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
last-modified
Fri, 31 Dec 2021 01:49:30 GMT
server
Cloudinary
etag
W/"3759f59ecd9a9b0611136f176cd4c0c1"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;start=2022-01-24T18:47:33.655Z;desc=hit,rtt;dur=14
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
85244
ccpa.bundle.js
ccpa.privacymanager.io/1/ 		131 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.privacymanager.io/1/ccpa.bundle.js
Requested by
Host: ccpa-wrapper.privacymanager.io
URL: https://ccpa-wrapper.privacymanager.io/ccpa/ff42a9f2-125b-40bb-a362-3a504e7353c7/ccpa-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1400:9:dc53:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6175d081940061cb96a2e8c9c90887b6f603361fe584bb053761581a36cb908

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
S55.q4LHTQasxIIGmk7UfPvyt9yqJHGy
content-encoding
br
etag
W/"7f5aef4d639402ac1025ddfa0b62c5d8"
age
59689
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/CCPALibrary-prod:a6c91178-f8bd-4f06-8ae8-e76e8e3a3629
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
cb289bc810fc195ae8814bb681f582bb
last-modified
Tue, 16 Nov 2021 19:24:49 GMT
server
AmazonS3
date
Mon, 24 Jan 2022 02:12:45 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
74033cf5ad3c6b4675a2f160d9899f764650cd888b96172f921de07f527a8f56
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
JxD5TueLIMXWcEzyEzaJu5Rk5dWzeMpokqe3YPZA3TmxqgonzTdq-Q==
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
13
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
KVyHQAvBTiB36-Oz_E2uByyjfkRO8ArJ8fAj2mOW84U1TM-Ip8NjRQ==
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
content-encoding
gzip
etag
W/"ae5e94de938b0387eda6df8f20da811a"
last-modified
Wed, 02 Jun 2021 16:15:01 GMT
server
AmazonS3
age
1611543
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
date
Thu, 06 Jan 2022 03:08:31 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Y8XhwE3tGlXSzLpy74UPs2EOljjl2khO45UA2moTM1o8PRBrIre40w==
ad_status.js
static.doubleclick.net/instream/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534944/dynamic/public_qhto1v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:33:50 GMT
x-content-type-options
nosniff
age
823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 18:48:50 GMT
support_icon.svg
res.cloudinary.com/daily-voice/image/upload/v1/static/ 		1 KB
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/daily-voice/image/upload/v1/static/support_icon.svg
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534948/dynamic/public_zatrwh.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e877b423181eec5220876224daff0a9a5b521976e91a2f6f2a783526e880011f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daily-voice-res.cloudinary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="group-3-copy-4.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:33.711Z;desc=hit,rtt;dur=14
vary
Accept-Encoding
content-length
568
last-modified
Tue, 14 Jul 2020 09:58:07 GMT
server
Cloudinary
etag
W/"19732d7290bbc3ffe8e3f0177347a5ba"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
load.js
s.ntv.io/serve/ 		389 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534944/dynamic/public_qhto1v.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.148 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-148.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e43093c06c8f9c7b919924e29e95936ea776f462adf4c1a7bb8b8714f3907d21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:33 GMT
Content-Encoding
gzip
x-amz-request-id
47Z1CVWCKNQAX3KZ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
wiJ901Lg1UM/4r4P/3znS7E5dquubTAnVtNHPSJ8X9OdvFqC5unlxXVWFZJFXnoDoKSRKTwWVkY=
Last-Modified
Thu, 13 Jan 2022 19:51:28 GMT
Server
AmazonS3
ETag
"62f0fc828fa7fc16f48e5d93db315540"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
dailyvoice.com/new-york/bedford/initial_readnext_widget_articles/ 		1 KB
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dailyvoice.com/new-york/bedford/initial_readnext_widget_articles/?readnext_widget_pks[]=824351,820647,824356
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534946/dynamic/common_ylkonb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.251.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-251-150.compute-1.amazonaws.com
Software
nginx/1.21.5 /
Resource Hash
f4bb6021b6843cc2fd676a37fa9d7c25b5eb244dc1245d0f984cf4a24d02f4f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
X-Requested-With
XMLHttpRequest
dpr
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:
content-encoding
gzip
vary
Accept-Encoding
server
nginx/1.21.5
age
0
x-frame-options
SAMEORIGIN
date
Mon, 24 Jan 2022 18:47:33 GMT
content-security-policy-report-only
default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://dailyvoice.report-uri.com/r/d/csp/reportOnly
content-type
application/json
via
1.1 varnish-v4
x-varnish
3310549
accept-ranges
bytes
content-length
510
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1642534946/dynamic/common_ylkonb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 24 Jan 2022 18:47:33 GMT
x-host
s7.addthis.com
content-length
116406
init
d.pub.network/v2/ 		35 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=1876&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/dailyvoice-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
102666ec0f0f9a85d101f1196a41fa003d6513dbc29e217dff7c19f3bec6b7c9

Request headers

Accept
application/json, text/plain, */*
Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20236510&ns__t=1643050053769&ns_c=UTF-8&cv=3.5&c8=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Rep...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20236510&ns__t=1643050053769&ns_c=UTF-8&cv=3.5&c8=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Re...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20236510&ns__t=1643050053769&ns_c=UTF-8&cv=3.5&c8=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Report%20Says%20%7C%20Bedford%20Daily%20Voice&c7=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&c9=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
99.86.3.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-116.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
mB70YXvwhUD9QJXxF84gmB_Gb13Y_jXP_qbdoVannm3bpsjIYI7yKw==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 24 Jan 2022 18:47:33 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=20236510&ns__t=1643050053769&ns_c=UTF-8&cv=3.5&c8=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Report%20Says%20%7C%20Bedford%20Daily%20Voice&c7=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&c9=
content-length
428
x-amz-cf-id
8MfjWSic_SLFeaC1nbxBlICHuOiOHqtVWA8qppdt8eGVz-JpP2Nt6Q==
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-21621912-1&cid=1472240163.1643050054&jid=292687535&gjid=1004130414&_gid=1402017682.1643050054&_u=YGBAgEABAAAAAE~&z=282247285
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 24 Jan 2022 18:47:33 GMT
content-type
text/plain
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=495657011&t=pageview&_s=1&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ul=en-us&de=UTF-8&dt=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Report%20Says%20%7C%20Bedford%20Daily%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=292687535&gjid=1004130414&cid=1472240163.1643050054&tid=UA-21621912-1&_gid=1402017682.1643050054&cd7=dv&cd10=824516&z=707030030
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jan 2022 21:29:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76664
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1732630646777229
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1732630646777229?v=2.9.49&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e34387daeac6b996f830c4d294e898e8aa9e0655084ba1fde85c26a81342e0c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
BzVzAdlqLNfJ8KDUVYnKw7VBpyh9lPDhqKMX8thRadN7Tlgm6hLZ1f1FlQrUQs19KAUrP3hfxqZKdihJvfim5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 18:47:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 05:02:33 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age
49500
x-amzn-requestid
80463fa9-1130-43a8-9e03-ee37333dc9bd
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61ee32e9-24ff45d20dc0f5c1253b0ef8;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
MbzkfEsFjoEF2aw=
content-length
28
x-amz-cf-id
azFhtc8zTLXkMkB_V0Zd_Yly8kVJ8_wHtMnlkqRIwdkcsg5tw9jPBA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl_2022011901.js
securepubads.g.doubleclick.net/gpt/ 		354 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011901.js?31064243
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
e1344ea2156a6b0b09a4913347837e591318113b94c14b0651aa92a4cd97b62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122168
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 09:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 18:11:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		158 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dailyvoice.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
483255e54e25ace47093a662d0d256a5d320a1ab2c5a3f881a352e06832e8410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Mon, 24 Jan 2022 18:47:33 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1643050053849&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fi...
  • https://rp4.liadm.com/j?dtstmp=1643050053849&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-f...
13 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1643050053849&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.5.181.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-6.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
x-pixel-event-id
067f88c2-efcf-44a6-9571-c5a31a146e81
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
fe8373ee36b31b49

Redirect headers

date
Mon, 24 Jan 2022 18:47:34 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1643050053849&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://dailyvoice.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
99f510a00202bca2
request-time
1
content-length
0
x-content-type-options
nosniff
tag.min.js
get.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/tag.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e8e8d88c917fd57be612b6d862cb3b451ce13a2da4b5d9ef1b905952d4d0b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
LgyD4F_.FEJoiYEyNELpzvHX2mlLbwTu
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 18:40:40 GMT
server
AmazonS3
age
49810
etag
W/"b05f8df1ab6cdae68b86780311009d06"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 24 Jan 2022 05:21:01 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
_flZofaxxhabwJNDJOhD6AA7ZynxX5jM13vi77rNxcLuaBBCh4W9Tw==
rules-p-Ce0yyn5JGuMFX.js
rules.quantcount.com/ 		2 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Ce0yyn5JGuMFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:e000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:27:54 GMT
via
1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
server
AmazonS3
age
1179
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
mS9zG_m_1NbpuxqC5Q3HotThMwS1ndTBcRDzj8kv-7s4IrQMJWgq1A==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21621912-1&cid=1472240163.1643050054&jid=292687535&_u=YGBAgEABAAAAAE~&z=859539504
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21621912-1&cid=1472240163.1643050054&jid=292687535&_u=YGBAgEABAAAAAE~&z=859539504
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
865.js
cdn.keywee.co/config/ 		208 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/config/865.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d8136095fa1dfbdb9c5465f58f704e70ef92f05a49177c027d4a66dfcc777ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 05:58:13 GMT
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
last-modified
Tue, 23 Apr 2019 15:32:27 GMT
server
AmazonS3
age
46160
etag
"c290dcd80b5975b746da517ea43f5714"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P2
content-length
208
x-amz-cf-id
Njgm7hw9mWasVTY3kI6-IENpKvzAgK7tJZe6lIsV1oAKQpUoY0L_5Q==
/
geo.privacymanager.io/ 		28 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jan 2022 05:02:33 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age
49500
x-amzn-requestid
80463fa9-1130-43a8-9e03-ee37333dc9bd
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61ee32e9-24ff45d20dc0f5c1253b0ef8;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
MbzkfEsFjoEF2aw=
content-length
28
x-amz-cf-id
cXxkkrwq8mF2rbOkDsfepV_fM5-SOh7IHAsixaa-JUO1FLx4qVfosQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-113.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 24 Jan 2022 18:47:33 GMT
x-amzn-requestid
7aa41c36-ab3c-4bc7-9ddb-3899b7330285
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
Mdsa8HUfDoEFwuw=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront), 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1 FRA53-C1
x-cache
Miss from cloudfront
x-amz-cf-id
nujNFiAuZaJhlSuMNydacfO9GWfuMKtV2YB36itDSyPEJzhJ4wHnxg==
sp-2.9.1.js
cdn.keywee.co/dist/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 02:25:59 GMT
content-encoding
gzip
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
age
30730894
etag
W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
n3zC3Esayd5dYaj1n-D_Q_FIi3Yu_A8w4q0WmOYjUypaAcEsO5mViA==
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-30-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
E880451BA994640A
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24559
accept-ranges
bytes
content-length
948
x-amz-id-2
g48kfJZ1LDfwCY+hKucKHwOEQccxMwTRQc86H8DNT9MI1VyS34GvzBN90qGYIKnsTc9op8vunqY=
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1643050053984&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fi...
  • https://rp4.liadm.com/j?dtstmp=1643050053984&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-f...
13 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1643050053984&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.5.181.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-6.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
x-pixel-event-id
45262a9b-1aff-4620-a689-bd3e63e6c559
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
4ae787131c12017e

Redirect headers

date
Mon, 24 Jan 2022 18:47:34 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1643050053984&aid=a-00ex&se=e30&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://dailyvoice.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
27b623064eca47e8
request-time
0
content-length
0
x-content-type-options
nosniff
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		642 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
612c7b01931bfac69a1f356162df1a71fa5140e516506e40483b5d1e6282eccc

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
642
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		304 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17526&site_id=173454&zone_id=839168&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&tg_i.pbadslot=%2F33043040%2Fatf_leaderboard&tk_flint=pbjs_lite_v6.5.0&x_source.tid=0426a8b7-b617-410f-a0da-ec9d1ff74738&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F33043040%2Fatf_leaderboard&slots=1&rand=0.2213747080182804
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5aac7c411d0a6750ab5658ef82dab4977e2f802f615fa2265febc5df3929dd91

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
304
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17526&site_id=173454&zone_id=839174&size_id=15&alt_size_ids=10&p_pos=btf&rf=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&tg_i.pbadslot=%2F33043040%2Fbtf_rectangle&tk_flint=pbjs_lite_v6.5.0&x_source.tid=1220b809-c492-41d9-b66d-2e9ef32262b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F33043040%2Fbtf_rectangle&slots=1&rand=0.6300317777680464
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
dd63cda5f47c82a71fba7f87683696309fdb03e1ce9674903936196fbdf9f753

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1784
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17526&site_id=173454&zone_id=839170&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&tg_i.pbadslot=%2F33043040%2Fatf_rectangle&tk_flint=pbjs_lite_v6.5.0&x_source.tid=036c114c-d30e-4105-ae1c-cdf60e943f5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F33043040%2Fatf_rectangle&slots=1&rand=0.15261062931121083
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5529076c7677c36a57b69e178fbc123f05d2df4c5190abf95e297835f2140224

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1780
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17526&site_id=173454&zone_id=839174&size_id=15&alt_size_ids=10&p_pos=btf&rf=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&tg_i.pbadslot=%2F33043040%2Fbtf_rectangle&tk_flint=pbjs_lite_v6.5.0&x_source.tid=e14a82a5-4fe2-48b7-a8ab-5456b67a4842&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F33043040%2Fbtf_rectangle&slots=1&rand=0.5989011670634123
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e3a1f5100b5cbf4107962b2d555192b2758ba08ba2338a53c36ab8cc63b817bb

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1781
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		300 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17526&site_id=173454&zone_id=839174&size_id=15&alt_size_ids=10&p_pos=btf&rf=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&tg_i.pbadslot=%2F33043040%2Fbtf_rectangle&tk_flint=pbjs_lite_v6.5.0&x_source.tid=2efc7523-0a27-4630-872f-4a59755a88b5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F33043040%2Fbtf_rectangle&slots=1&rand=0.019158211840883066
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b9c533818be16cb1f1365acc02a339e1b9ec299ac2607fd0a41ca543d9757612

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
300
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		299 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17526&site_id=173454&zone_id=839168&size_id=2&alt_size_ids=55&p_pos=btf&rf=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&tg_i.pbadslot=%2F33043040%2Fsticky_footer&tk_flint=pbjs_lite_v6.5.0&x_source.tid=997e266e-576d-4713-a78f-230b4e10d091&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F33043040%2Fsticky_footer&slots=1&rand=0.6121188406933098
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
74f4633cec15bcab11bcff4d8d37bb1616e328468d7e6f51aaee3f36e1c55871

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
299
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/ 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=242765&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223083d98a580e332%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%226.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2231aa105ca779365%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22242765%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_leaderboard%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22242765%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_leaderboard%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22242765%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_leaderboard%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_leaderboard%22%2C%22gpid%22%3A%22%2F33043040%2Fatf_leaderboard%22%7D%7D%2C%7B%22id%22%3A%22346a8de8068714%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22242768%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242768%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22gpid%22%3A%22%2F33043040%2Fbtf_rectangle%22%7D%7D%2C%7B%22id%22%3A%223603a7c3b150ece%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22242766%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_rectangle%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242766%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_rectangle%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fatf_rectangle%22%2C%22gpid%22%3A%22%2F33043040%2Fatf_rectangle%22%7D%7D%2C%7B%22id%22%3A%2238eb2827928bd07%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22242768%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242768%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22gpid%22%3A%22%2F33043040%2Fbtf_rectangle%22%7D%7D%2C%7B%22id%22%3A%2240c9342aa006758%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22242768%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242768%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fbtf_rectangle%22%2C%22gpid%22%3A%22%2F33043040%2Fbtf_rectangle%22%7D%7D%2C%7B%22id%22%3A%2242bd78d77a086e6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22242765%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fsticky_footer%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22242765%22%2C%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fsticky_footer%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F33043040%2Fsticky_footer%22%2C%22gpid%22%3A%22%2F33043040%2Fsticky_footer%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4cc8b9da37155252aebed17a23fe8e12ceda380ae1a652e13acef29d4719d290

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.184], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 24 Jan 2022 18:47:34 GMT
bid
ap.lijit.com/rtb/ 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.5.0
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
00d1a0fdd85c93e4200880e286f39b23606bbbd933f1269943dfbc6ef68541e6

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dailyvoice.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
adreq
ads.servenobid.com/ 		849 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2510
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f413d5ba96b3d7333f3066cbcdfbc93eb6d1977365f75a4b351e172fa6e0c6d2

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUR0N35X
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0be74972c956ec687acd1dcba5a1b4f641652ce66df21a0a6564328faf6bdf9b

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 24 Jan 2022 18:47:34 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/ 		43 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1643050054015
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
715c92bfb32c51bd83cae45ba58e4970fffcc4f719638859c9e51ff5be4597b3

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:34 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
p
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/p?dtstmp=1643050053984&aid=a-00ex&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-...
  • https://rp4.liadm.com/p?dtstmp=1643050053984&aid=a-00ex&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop...
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rp4.liadm.com/p?dtstmp=1643050053984&aid=a-00ex&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ae=eyJtZXNzYWdlIjoie1wiYXBwSWRcIjpbXCJhLTAwZXhcIixudWxsXSxcIndyYXBwZXJOYW1lXCI6W1wibGMtYnVuZGxlXCIsXCJwcmViaWRcIl0sXCJjb2xsZWN0b3JVcmxcIjpbXCJodHRwczovL3JwLmxpYWRtLmNvbVwiLG51bGxdfSIsIm5hbWUiOiJMQ0R1cGxpY2F0aW9uIiwic3RhY2tUcmFjZSI6IkNvbmZpZ1NlbnQ6IEFkZGl0aW9uYWwgY29uZmlndXJhdGlvbiByZWNlaXZlZFxuICAgIGF0IGh0dHBzOi8vZGFpbHktdm9pY2UtcmVzLmNsb3VkaW5hcnkuY29tL3Jhdy91cGxvYWQvdjE2NDA5MTUyMjIvc3RhdGkuLi4ifQ&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.5.181.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-181-6.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
x-pixel-event-id
27aadf16-7c7b-4d56-af80-7e521e2024ac
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
x-frame-options
DENY
content-type
image/gif
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
0f1558c3700179c7
request-time
1
content-length
43
x-content-type-options
nosniff

Redirect headers

date
Mon, 24 Jan 2022 18:47:34 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
x-frame-options
DENY
location
https://rp4.liadm.com/p?dtstmp=1643050053984&aid=a-00ex&tna=v2.3.0&pu=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ae=eyJtZXNzYWdlIjoie1wiYXBwSWRcIjpbXCJhLTAwZXhcIixudWxsXSxcIndyYXBwZXJOYW1lXCI6W1wibGMtYnVuZGxlXCIsXCJwcmViaWRcIl0sXCJjb2xsZWN0b3JVcmxcIjpbXCJodHRwczovL3JwLmxpYWRtLmNvbVwiLG51bGxdfSIsIm5hbWUiOiJMQ0R1cGxpY2F0aW9uIiwic3RhY2tUcmFjZSI6IkNvbmZpZ1NlbnQ6IEFkZGl0aW9uYWwgY29uZmlndXJhdGlvbiByZWNlaXZlZFxuICAgIGF0IGh0dHBzOi8vZGFpbHktdm9pY2UtcmVzLmNsb3VkaW5hcnkuY29tL3Jhdy91cGxvYWQvdjE2NDA5MTUyMjIvc3RhdGkuLi4ifQ&wpn=lc-bundle&c=PHRpdGxlPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXMgfCBCZWRmb3JkIERhaWx5IFZvaWNlPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQSBGYWlyZmllbGQgQ291bnR5IG1hbiB3aG8gaXMgZmFjaW5nIGNoYXJnZXMgYWZ0ZXIgYXV0aG9yaXRpZXMgc2FpZCBoZSB5ZWxsZWQgYW5kIHRocmV3IGEgZHJpbmsgYXQgZW1wbG95ZWVzIG9mIGFuIGFyZWEgc21vb3RoaWUgc2hvcCBoYXMgYmVlbiBmaXJlZCBmcm9tIGhpcyBqb2IgYXQgTWVycmlsbCBMeW5jaCwgYWNjb3JkaW5nIHRvIGEgbmV3IHJlcG9ydC5KYW1lcyBJYW5uYXp6bywgYWdlIDQ4LCBvZiBGYWlyZmnigKYiPjxoMSBjbGFzcz0iZS1hcnRpY2xlLXRpdGxlIiBqcy1hcnRpY2xlLXRpdGxlPSIiPk1lcnJpbGwgTHluY2ggRmlyZXMgRmFpcmZpZWxkIENvdW50eSBNYW4gQ2hhcmdlZCBBZnRlciBTbW9vdGhpZSBTaG9wIFRpcmFkZSwgUmVwb3J0IFNheXM8L2gxPg&i6=MjAwMToxYjYwOjEwMTA6MjoxMDEyOjYwZmU6MjZlNzo1YWQw&n3pc=true
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
dbaae4ad70a8c779
request-time
2
content-length
0
x-content-type-options
nosniff
pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
a.pub.network/core/pubfig/ 		324 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216ebb79c108ef2e3b4e366b7f7f24d6526ae7e72b7230bfb236ca5a844a3c60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=aeo4MA==, md5=m/T2/g+2/oNoWm3JL9/jHQ==
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84236
x-guploader-uploadid
ADPycdvobpVCvEUpybGvyKnDZqM1S5opA-QR5x_Odqs5YUQzftHL5yUBjMpC876BbtmMvap5cvB000CoU2-eeW07WK7Gv1pfAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 03 Nov 2021 19:07:25 GMT
server
cloudflare
etag
W/"9bf4f6fe0fb6fe83685a6dc92fdfe31d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nhCNCQLIQJZf%2FaS99xBnyDF99BwOue6%2FN8RmYDcuxbz%2BDzvbJbAHD%2Fvwv7salilm%2FHpoyHgyY8JrKomtP4Nwzt5nJ6dgrpmCUoWwd%2BlR%2BBmc9whbT4QLLoxqxp0KfdMCEd5HXJp557XqVs%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1635966445948173
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
332200
cf-ray
6d2b6e55d89769eb-MAD
expires
Sun, 23 Jan 2022 20:23:38 GMT
mailbox-gefd2129ab_1920_e4k8qv
daily-voice-res.cloudinary.com/image/upload/c_fill,h_80,q_auto:eco,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/c_fill,h_80,q_auto:eco,w_80/mailbox-gefd2129ab_1920_e4k8qv
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
50a0e3f796c26ee9bfafcbdab5de1c908b9d71c6e86faad36eaf2ad3b97b012c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 20:01:41 GMT
server
Cloudinary
etag
"1c8d15fd7394e0ea89e8141f491e5623"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=2;cpu=1;start=2022-01-24T18:47:34.046Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
2186
nwhc_man_to_man_kur3wx
daily-voice-res.cloudinary.com/image/upload/c_fill,h_80,q_auto:eco,w_80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/c_fill,h_80,q_auto:eco,w_80/nwhc_man_to_man_kur3wx
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2434f243928a504e6e2a063a52ad9384fea4404138ceb398be0d1ff6fce349e8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
x-content-type-options
nosniff
last-modified
Sat, 01 Jan 2022 08:50:45 GMT
server
Cloudinary
etag
"aed4b35ea0354da9af94446842b34f60"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=2;cpu=1;start=2022-01-24T18:47:34.048Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
1669
Screen_Shot_2021-10-01_at_4.08.28_PM_l6arqg
daily-voice-res.cloudinary.com/image/upload/c_fill,h_80,q_auto:eco,w_80/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daily-voice-res.cloudinary.com/image/upload/c_fill,h_80,q_auto:eco,w_80/Screen_Shot_2021-10-01_at_4.08.28_PM_l6arqg
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
abc1f727b9aaf62bf0ee9a51212b74f860b4e543d05de50c9dd4ad9161b132c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 20:00:16 GMT
server
Cloudinary
etag
"eae93cc4783b8752e81a93ea16876dbf"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;cpu=0;start=2022-01-24T18:47:34.048Z;desc=hit,rtt;dur=14
accept-ranges
bytes
timing-allow-origin
*
content-length
5457
i
pixel.keywee.co/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.keywee.co/i?stm=1643050054055&e=pv&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&page=Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%2C%20Report%20Says%20%7C%20Bedford%20Daily%20Voice&tv=js-2.9.1&tna=cf&aid=865&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=99ee5eaf-e6a9-4c7f-a9e8-962cef72a590&dtm=1643050054054&vp=1600x1200&ds=1600x2785&vid=1&sid=639f00ae-8af9-4ce0-ade9-b145fe351428&duid=7cd438b5-080e-4863-9374-dc039856698a&fp=3441833202
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.86.121.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-121-102.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

status
200 OK
date
Mon, 24 Jan 2022 18:47:34 GMT
x-content-type-options
nosniff
server
nginx/1.21.3
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
t
jadserve.postrelease.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ntv_mvi
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
71113cae5401c6dd8ca0cd3f809fefe0817a92888884727194df6207ea4e192b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1233
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-91.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:14:09 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront), 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
age
23605
x-amzn-requestid
34d57841-85ed-46d3-8015-1af85163c54b
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA6-C1
x-amz-apigw-id
McyyuH14CYcFgvA=
content-length
555
x-amz-cf-id
w98KzR58LYlz7-A1jEedF54BsOZxlGyaD2IUo5HSyyVHB44cH6vegA==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-108.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 24 Jan 2022 02:31:47 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
58548
etag
W/"ea838863b2b3bf40d1353c99808a5464"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
osfozYBCVdD0TGIrPwCdy9LnTJwdNdbhYSxioD-lucrd1RV_Xa8zPA==
prebid.min.js
prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/ Frame 8D75 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c6745f8e5d7428106d7eb70e0c4e852d2bf45bf7d5f661673ef701abbfd68e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
9OrYfeK9nlowYWxLkItZ43HTlejMrea2
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 18:38:50 GMT
server
AmazonS3
age
58843
etag
W/"cb83e23a050823b354844186d2801cb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 24 Jan 2022 03:28:33 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
7BC-8Y0lutSLYuuNY0m5vAlWpv3zGrp5UE68VKFvPqYSJKk9QmUiHw==
prebid.min.js
prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/ Frame 2912 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c6745f8e5d7428106d7eb70e0c4e852d2bf45bf7d5f661673ef701abbfd68e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
9OrYfeK9nlowYWxLkItZ43HTlejMrea2
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 18:38:50 GMT
server
AmazonS3
age
58843
etag
W/"cb83e23a050823b354844186d2801cb4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 24 Jan 2022 03:28:33 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
NHMIxyvvrCkyClJwclHm0n6r-Ka77D-hwlnpSdRnSMmUFp_ian2v0w==
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-83.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 24 Jan 2022 18:47:34 GMT
x-amzn-requestid
73760c86-3a63-4036-ba5e-690bf0d27fdd
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
MdsbCFGhoAMF6cQ=
access-control-allow-methods
GET,OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
MTZOqkI-psUR3Lm7FAQgLy3Fy-ATle7C2cbdunbBJ5h6ucNyua_wTA==
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ 		110 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-83.fra6.r.cloudfront.net
Software
/
Resource Hash
28a2355a76003134cddf94bb30440581d1682e7cf2058be0fea367243d34b102

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
e5ceddd1-5ca7-442d-a109-f7f4238a38bb
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61eef446-73901a1f393fa78c0542fade
x-amz-apigw-id
MdsbEFPBoAMFzOA=
content-length
110
x-amz-cf-id
3uQgsADG9wDweLPsvWYyQJtx266qaDyFJYnlA0HEr-w52KJIJ-Jcwg==
pixel;r=72915334;rf=0;a=p-Ce0yyn5JGuMFX;url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F8245...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=72915334;rf=0;a=p-Ce0yyn5JGuMFX;url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F;uht=2;fpan=1;fpa=P0-524623825-1643050054059;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;us_privacy=1---;ref=;d=dailyvoice.com;je=0;sr=1600x1200x24;dst=0;et=1643050054058;tzo=0;ogl=url.https%3A%2F%2Fdailyvoice%252Ecom%2Fconnecticut%2Fbrookfield%2Fnews%2Fmerrill-lynch-fires-fairfield%2Ctype.article%2Ctitle.Merrill%20Lynch%20Fires%20Fairfield%20County%20Man%20Charged%20After%20Smoothie%20Shop%20Tirade%252C%20Rep%2Cdescription.A%20Fairfield%20County%20man%20who%20is%20facing%20charges%20after%20authorities%20said%20he%20yelled%20an%2Csite_name.Bedford%20Daily%20Voice%2Cimage.https%3A%2F%2Fdaily-voice-res%252Ecloudinary%252Ecom%2Fimage%2Fupload%2Fc_limit%252Ce_sharpen%252Cf_auto%252Cq_a
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.se/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		127 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1899521091175501&correlator=770528254476538&output=ldjh&impl=fifs&eid=31064243%2C31063708%2C31061690&vrg=2022011901&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=33043040%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643050054115&lmt=1643050054&dlt=1643050053180&idt=770&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=288153517&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1472240163.1643050054&ga_sid=1643050054&ga_hid=495657011&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011901.js?31064243
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7b89f9cb314d6d0cc04c579eb9d81d7d8c345754daa9f41df611b80edcad839a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33547
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D6A3 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011901.js?31064243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 24 Jan 2022 18:47:34 GMT
expires
Tue, 24 Jan 2023 18:47:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022011901.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011901.js?cb=31064243
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011901.js?31064243
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
c4d3bb7501412910640b50392cc9e51316f91509b99cd5fb124d1363546191d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 23:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12991
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 09:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Jan 2023 23:47:39 GMT
1143148579201165
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1143148579201165?v=2.9.49&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1bd70b95d0e96f0203bfbc85842db3c5d296dfdf430756a7f32c5057750649c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
v42/BaeJDL56Kc6NpvcM4SjJAPJfT6WinRGjNzabUlLVL9TrirfY/Wf27qMxDDoXwbuSKJCLiUtkmsdd1UeUuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 18:47:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1732630646777229&ev=PageView&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&rl=&if=false&ts=1643050054146&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1643050054145.479505056&it=1643050053794&coo=false&exp=p1&rqm=GET
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 24 Jan 2022 18:47:34 GMT
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-api-key
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-max-age
3600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000;includeSubDomains;preload;
content-length
0
via
1.1 google
alt-svc
clear
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:36:29 GMT
content-encoding
gzip
age
665
x-guploader-uploadid
ADPycdt6ZDij15VuhIYQOuynhcw_Jl482rRhjREuiolrPzyCeTx0t6AOmIXW3naga4uFwfuWmxSAk-VCo6BVgyPXghBhHC6AdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3637
last-modified
Mon, 22 Nov 2021 21:22:46 GMT
server
UploadServer
etag
"9f5012774da47c70284c82ae0ce443d7"
vary
Accept-Encoding
x-goog-hash
crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation
1637616166247508
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3637
accept-ranges
bytes
content-type
application/javascript
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
152 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5a17aec821167327706343c62b3a2935f407f62494dcebcbbf9bcff0bdf884

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d2b6e599c497443-LHR
date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3031
etag
W/"670bf9b847c52a4a3803c861fc616e6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIOI5R4eTrKWxvvecHpJk6NUvq2WoBLEvORnqPeIO6ozAm71XOhUq%2FcwjN%2BriEgBH66JFG8IL3Zxu8ZnRS24j8k9ODrukXd%2Bl%2FRoTeQxCdVyuDRquJMwiaYAupK1j4VMe3L4kHQPB4zaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, must-revalidate
content-encoding
br

Redirect headers

date
Mon, 24 Jan 2022 18:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8LSzMLHbblNUe7tcZXAutt2%2FWjTWSpwI6fOfkyGuJ0GyqOx7TT2KlrW9uLN8YxObOq1Yfe7MwPPEqP%2BXeq7SQyQQ3Q5p9p87%2F5AnZ3uM2W%2BGSIFfEmVZNncoHS6GWOl4tqXJxKIiqYjc5aHCzA2rZZmPNRFJSpSE22pUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
6d2b6e5889e25aec-IAD
expires
Mon, 24 Jan 2022 19:47:34 GMT
184310-82987131453484.js
js-sec.indexww.com/ht/p/ 		0
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 18:15:20 GMT
Server
Apache
ETag
"904735-0-5d657f395e6ad"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1692
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Mon, 24 Jan 2022 19:15:46 GMT
floors
api.floors.dev/sgw/v1/ 		968 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8e32fc6573e7ec7f058e38f1c8361386af626d6bcb7c1da03012d6cb74ce10a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;includeSubDomains;preload;
alt-svc
clear
expires
0
prebid-analytics-4.42.7.js
a.pub.network/core/ 		458 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-4.42.7.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844d16730113c50876b1ea84b4ba3a56a4c0f115d04b8a25da0d558f1d799b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=Chz8kg==, md5=qHN8a/kkUDZkU6QAridSuQ==
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84184
x-guploader-uploadid
ADPycdug7jx2focQJMEACtuR02vuplhBZSrXGXY2Y3QI_f4-mI8XhspZecsiJXrE0wzQfBQ5IEJ7aoXTZqRWmrKyyxvxRoxLqA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Wed, 03 Nov 2021 15:36:10 GMT
server
cloudflare
etag
W/"a8737c6bf92450366453a400ae2752b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2qzCy7ooSHtBLXkAkpikYUtqFCx5XFKiZGG7qT1oLKGnETLa0JavZh%2F5C0dQscakZ7JX2iCoh28RlySRbcSAlljXDu9Ey11oLkWqE%2FjjDdNGpPhEjDUS7qrLy7P13rUcVhJzOkK5TJYdtQ%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1635953770715042
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
469259
cf-ray
6d2b6e56eb3369eb-MAD
expires
Mon, 23 Jan 2023 19:24:30 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
446
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1GP6MTTS7YBSCJX4R1BW
date
Mon, 24 Jan 2022 18:40:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
4B9WFIH_3oLbTQEu1uR1IlV_ozc-7ocwIIw69OJquABQGtFywkSUkg==
liveView.php
live.primis.tech/live/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c4684b8f00fdd0715b78742569b257119ab7ee61e586a3614047f62dd3d022fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
freestar.js
dggaenaawxe8z.cloudfront.net/ic/audiencesegment/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.62.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-62-183.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ace5c7a57a33a8c21d81ff1ab27c6e2fb71d14c98f007bc9e990880063a32b42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:37:26 GMT
content-encoding
gzip
last-modified
Mon, 20 Dec 2021 06:25:02 GMT
server
AmazonS3
age
609
etag
W/"069b7e72e08ae247bc61b83397caaea1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
J3XGhHi-Hqj8D3HIUg7nVxCRo-quma4CmyGmh8PqAMqWGQYfCtxcPA==
/
www.facebook.com/tr/ 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1143148579201165&ev=KWCEPV&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&rl=&if=false&ts=1643050054359&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1643050054145.479505056&it=1643050053794&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&exp=p1&rqm=GET
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 24 Jan 2022 18:47:34 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=1143148579201165&ev=PageView&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirad...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516...
44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&dpo=LDU&dpoco=0&dpost=0&ec=1&ev=PageView&exp=p1&fbp=fb.1.1643050054145.479505056&id=1143148579201165&if=false&it=1643050053794&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1643050054361&v=2.9.49
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 24 Jan 2022 18:47:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&dpo=LDU&dpoco=0&dpost=0&ec=1&ev=PageView&exp=p1&fbp=fb.1.1643050054145.479505056&id=1143148579201165&if=false&it=1643050053794&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1643050054361&v=2.9.49
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
0
integrator.js
adservice.google.se/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		131 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1899521091175501&correlator=3650418285928775&output=ldjh&impl=fifs&eid=31064243%2C31063708%2C31061690&vrg=2022011901&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=33043040%2Catf_leaderboard%2Cbtf_rectangle%2Catf_rectangle%2Csticky_topright%2Csticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C728x90%7C970x90&prev_scp=domains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3%7Cdomains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.21%26hb_adid_rubicon%3D95aed0a2f396d8b%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.21%26hb_adid%3D95aed0a2f396d8b%26hb_bidder%3Drubicon%7Cdomains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.21%26hb_adid_rubicon%3D968d3ba92108df%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.21%26hb_adid%3D968d3ba92108df%26hb_bidder%3Drubicon%7Cdomains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.21%26hb_adid_rubicon%3D94daad3661cb74b%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.21%26hb_adid%3D94daad3661cb74b%26hb_bidder%3Drubicon%7Cdomains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3%7Cdomains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3%7Cdomains%3Dbedford.dailyvoice.com%26zones%3Dnews%26order_id%3DNONE%26line_item_id%3DNONE%26article_id%3D824516%26pv_count%3D1%26dv_bucket%3D3&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&dt=1643050054408&lmt=1643050054&dlt=1643050053180&idt=770&frm=20&biw=1600&bih=1200&oid=2&adxs=506%2C256%2C1196%2C1196%2C1196%2C650%2C436&adys=243%2C1448%2C709%2C1563%2C2510%2C2793%2C1155&adks=501843007%2C485156472%2C1929677364%2C4229798310%2C4229798311%2C187786690%2C2210575059&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&vis=1&scr_x=0&scr_y=0&psz=1300x284%7C300x681%7C349x2275%7C349x2275%7C349x2275%7C1600x2793%7C1600x2793&msz=1300x284%7C300x250%7C348x649%7C348x299%7C348x299%7C1600x0%7C1600x-1&ga_vid=1472240163.1643050054&ga_sid=1643050054&ga_hid=495657011&ga_fc=true&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1300%2C300%2C348%2C348%2C348%2C1600%2C1600&btvi=0%7C1%7C0%7C2%7C3%7C4%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011901.js?31064243
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
0d963562cad9b1ea21405fd711b619f393e3f3ed0acdf8bda1c6dc97029322d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15791
x-xss-protection
0
google-lineitem-id
4600688078,4600306234,4600306237,5834624560,5745887195,5745878786,5745887192
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138227647201,138263044405,138262752074,138371217290,138356989977,138356942939,138356990010
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=866167&ntv_pl=1108768
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=72c83dc6-e171-459a-ade4-633eb8af2de0&ntv_fl=CF4se3gYGjAPzQcMJoAeWXxP_Ip9jtklRByAD80byHVks9cMxHGI196ldySK5PqPKZjaeI6fiExgWt2e-TOEcbl3q4xVKOukklczlCKhzgU3xKrjbWN3jVmlog2b5Ok3O2_7y_Jw9on0izm-byuf7EIJsfkJ5u2qLa6npuLr8QeoMDjE43YI0TQJOM_PFP9q5W4Q5H3n-D_Kwq2UAN5BWHP8ZKnlOhye5kaOpwZBJEbNawKKguPRZKeFKt0Cof2zeGgfKfdeRQh8fhrboiycMMuTj7ZehJ1YsHJHYRZnS8TzUZ-Dp7x4wnGP93Bdnz32Xcpj2Y56gVr4C1M_ucpkrw==&ntv_ht=RvTuYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAIOsQA&ord=1643050054433&ntv_it
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1e0b8f70-541f-4f0d-9422-edc96d67cb83&ntv_fl=CF4se3gYGjAPzQcMJoAeWaY2_oTOIKH-0K8Ze5k7XW_ENeE3j0Dz-TzRWHbi0ZR8WM6tH8fKhKjpWE99wLfVYR-_O_rsk5nnWZ6c-WILkpiFlPhR-hcYaEwlFvqrNBsWJdQZ_n_BDzdJAXk8HpwdqH1jb9uO2me1iqtW9yu9CT-eeTzf_WOSBWRNB6TNaLZFZERvY7--zsJDiu-6mR5As287EKdux2qjfrs-Wit12f5tbTVAXP6XsTgr413OXU94BjsdUbixnTWhYKJ14CQ8teBUqcsD0C4sGSEnoaPGdHemrF9Aj4jWwIwIhMDt9tO0diXDOFGYeRJJ5aJVeRu_NQ==&ntv_ht=RvTuYQA&ntv_at=303&ntv_a=AAAAAAAAAA7PkQA&ord=1643050054436&ntv_it
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1108768&ntv_gdpr_consent=&ntv_it
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
womptv2nm.js
cdn.krxd.net/controltag/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 varnish, 1.1 varnish
age
464
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000165-IAD, cache-hhn4055-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1643050055.508085,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 276
logs
uat5-a.investingchannel.com/ 		0
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by
Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-26.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
server
Jetty(9.4.12.v20180830)
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
logs
uat5-a.investingchannel.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-26.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://dailyvoice.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server
Jetty(9.4.12.v20180830)
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdailyvoice.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a20ccaf6978bd71c43456b6bc78288abdc57c3b6fa987eecb2e9f59b69d384e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:46:15 GMT
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
server
Server
age
14478
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-length
662
x-amz-cf-id
m6EBdhmtPaBlHz2EvWdVEIHjYgwom_zrqZRfJo9SRgwS0ve5lZmcAg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
59126
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 24 Jan 2022 02:22:08 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
_5hj8dyLMLHnZTIvI_4CsFiCbpEuiVxWmISYP_l2jJputiT92pnDvQ==
container.html
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0761 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:47:34 GMT
expires
Tue, 24 Jan 2023 18:47:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 24 Jan 2022 19:02:34 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 24 Jan 2022 18:15:18 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
126714090
liveView.php
live.primis.tech/live/ Frame 20A3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
cba6a362646827ae42524a32bb5ec8ad26558f7f445bc3bf89f2dc633a6c3e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
age
4821977
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
3575438
content-length
84509
x-served-by
cache-hhn4055-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1643050055.537838,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
css2
fonts.googleapis.com/ Frame 0761 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 17:36:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 24 Jan 2022 18:47:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jan 2022 18:47:34 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0761 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:41:08 GMT
x-content-type-options
nosniff
age
79586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 20:41:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0761 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:25:06 GMT
x-content-type-options
nosniff
age
1348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 24 Jan 2023 18:25:06 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 0761 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
server
cafe
etag
11153116566150069083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:34:44 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 20A3 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 24 Jan 2023 18:47:33 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 20A3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 24 Jan 2023 18:47:33 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 20A3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 24 Jan 2023 18:47:33 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 20A3 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 24 Jan 2023 18:47:34 GMT
prebidVid.5.18.0_8.min.js
live.primis.tech/content/prebid/ Frame 20A3 		478 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5fb143acb6c2530794155476810cebbd511a5b51399ae7ed92f77e6bf7d2cf55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 13:46:33 GMT
server
nginx
etag
W/"61e967b9-777e2"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 24 Jan 2023 18:47:33 GMT
liveVideo.php
live.primis.tech/live/ Frame 20A3 		637 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=106981&cbuster=1643050054&pubUrl=https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,864,1&cbuster=1643050054&pubUrlAuto=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a0c177e16bd4f72ed17c16b45eac82b8a338733375c4b3c2bdbb0c3486205da0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame E040 		805 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 varnish
age
1708234
x-served-by
cache-hhn4055-HHN
x-cache
HIT
x-cache-hits
970769
x-timer
S1643050055.599821,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
882.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
6f111f3099edaf5fe2a03405f547d407d6e9a0fc1fe55e94df90308679e15bab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://dailyvoice.com
Date
Mon, 24 Jan 2022 18:47:34 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
a-00ex
i.liadm.com/s/c/ Frame 5B4B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.60.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-60-144.compute-1.amazonaws.com
Software
/
Resource Hash
83fbc6a42565281b05bdebfa658350be29d5a028f960f7fa7e3d93688391fd4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:34 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
cdba71d118091264
Vary
Accept-Encoding
Content-Length
638
Connection
keep-alive
4f0fd669188cad1c7ccc61140507409e.js
www.gstatic.com/mysidia/ Frame D23B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 15:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3356
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 01:20:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Apr 2022 15:42:15 GMT
8b63a7a81b6f18e94cb38611e7e405da.js
www.gstatic.com/mysidia/ Frame D23B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b63a7a81b6f18e94cb38611e7e405da.js?tag=pingback
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7debeded2ce4396d68b238ac794f72190b46da88f73bc09110809da5ce42113c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 15:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5516
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 13:53:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Apr 2022 15:42:15 GMT
css
fonts.googleapis.com/ Frame D23B 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 17:47:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 24 Jan 2022 18:47:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jan 2022 18:47:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame D23B 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:44:18 GMT
e485ffd488b44fd3558b39d314f67b09.js
www.gstatic.com/mysidia/ Frame D23B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e485ffd488b44fd3558b39d314f67b09.js?tag=analytics_pingback_2019
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd2002cdf21b9a1c068b3b6f24ece6d21d00ecdf3b14de9b37372425e8045e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 15:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2354
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 13:53:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Apr 2022 15:42:15 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame D23B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite_fy2019.js
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:45:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame D23B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:46:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D23B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame D23B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:08 GMT
l
www.google.com/ads/measurement/ Frame D23B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-3HIvIyHqKv_fw7mIBYO1iOis4kLbFUr2_94Atrnowq3wacF9b-4T7MHrIp6UEHg1zmoEF_uxYD3X_ktcZI225Q3Fyg
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame D23B 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 15:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 01:20:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Apr 2022 15:42:15 GMT
womptv2nm.js
cdn.krxd.net/controltag/ Frame E040 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 varnish, 1.1 varnish
age
465
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000165-IAD, cache-hhn4055-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1643050055.659636,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 277
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ 		249 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a006-dub-prod.krxd.net, cache-hhn4082-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643050055.702504,VS0,VE27
content-length
199
x-cache-hits
0, 0
/
www.facebook.com/tr/ Frame 818F 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://dailyvoice.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 24 Jan 2022 18:47:34 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame E040 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
age
4821977
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
3575439
content-length
84509
x-served-by
cache-hhn4055-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1643050055.723332,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 20A3 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
446
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1GP6MTTS7YBSCJX4R1BW
date
Mon, 24 Jan 2022 18:40:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EqpVLdatPBjM9DpYKLdM9d5JQFsu_Z17vinNHoCfGCzA3Xuo-gnZ3w==
css
fonts.googleapis.com/ Frame 19F0 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 17:14:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 24 Jan 2022 18:47:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jan 2022 18:47:34 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 18:23:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 24 Jan 2022 18:47:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jan 2022 18:47:34 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9853 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53794
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:34 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 94B5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=94&advUuid=182e719c-7d46-11ec-8199-1f0541440406
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=94&advUuid=182e719c-7d46-11ec-8199-1f0541440406
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

server
nginx
date
Mon, 24 Jan 2022 18:47:33 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=94&advUuid=182e719c-7d46-11ec-8199-1f0541440406
X-fe
108
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 72CA 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 24 Jan 2022 18:47:34 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 58C2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2906aa7f44a495b69aba6be117f6118157923203a5983ed20b52a70cdb54730c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
VertaMedia 1.0
Date
Mon, 24 Jan 2022 18:47:34 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
884
Access-Control-Allow-Origin
https://dailyvoice.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 20A3 		101 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwp4MDtyMxZ2nWRyo181ZTZyMDNxZzI1MmEmMmx5MmAjMmMlJTJGqzyxNwFyYwp3YTx0MTxjYTImNwxkMDtjMC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODt1NvZ2nWRsY29hqGVhqF9xZXNwPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X3RcqGkyPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X2R1pzF0nW9hPTEkMvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTM4NlZ5PTIkOCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmImNDVGMmImMDqEN0I3MmMkMmYmMwM3MmMmMTM4MmQ3RDqCNDMmNTM3N0Q3QwUmNUE0NmQ2NmA2MwQ4NxMmMwYlMmI2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMjMmA3RDqCNTxmNDM3MmY3RDqCNwYmMTqEN0I0QmMkMmAmOTM0MmQ3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTt0LwE5LwE3NS4kODQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM4NwQyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzNmqXVcZD02MWVyZwQ0NwtjZDE4JzNvqXN0ZXI9MTY0MmA1MDA1NDp3OCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
b47488c0a347cc3602f42d80d5b00fa6cde4f8d4873766007c6ef8214ebd7c90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
9288
liveView.php
live.primis.tech/live/ Frame 20A3 		101 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwp4MDtyMxZ2nWRyo181ZTZyMDNxZzI1MmEmMmx5MmAjMmMlJTJGqzyxNwFyYwp3YTx0MTxjYTImNwxkMDtjMC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODt1NvZ2nWRsY29hqGVhqF9xZXNwPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X3RcqGkyPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X2R1pzF0nW9hPTEkMvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmImNDVGMmImMDqEN0I3MmMkMmYmMwM3MmMmMTM4MmQ3RDqCNDMmNTM3N0Q3QwUmNUE0NmQ2NmA2MwQ4NxMmMwYlMmI2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMjMmA3RDqCNTxmNDM3MmY3RDqCNwYmMTqEN0I0QmMkMmAmOTM0MmQ3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTt0LwE5LwE3NS4kODQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM4NwQyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzNmqXVcZD02MWVyZwQ0NwtjZDE4JzNvqXN0ZXI9MTY0MmA1MDA1NDp3OSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4bbff38497f030fd220c1b338d18b0ff2893bbfb33242a53db30594c126bbc83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
9288
liveView.php
live.primis.tech/live/ Frame 20A3 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwp4MDtyMxZ2nWRyo181ZTZyMDNxZzI1MmEmMmx5MmAjMmMlJTJGqzyxNwFyYwp3YTx0MTxjYTImNwxkMDtjMC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODt1NvZ2nWRsY29hqGVhqF9xZXNwPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X3RcqGkyPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X2R1pzF0nW9hPTEkMvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTM4NlZ5PTIkOCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmImNDVGMmImMDqEN0I3MmMkMmYmMwM3MmMmMTM4MmQ3RDqCNDMmNTM3N0Q3QwUmNUE0NmQ2NmA2MwQ4NxMmMwYlMmI2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMjMmA3RDqCNTxmNDM3MmY3RDqCNwYmMTqEN0I0QmMkMmAmOTM0MmQ3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTt0LwE5LwE3NS4kODQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM4NwQyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzNmqXVcZD02MWVyZwQ0NwtjZDE4JzNvqXN0ZXI9MTY0MmA1MDA1NDp4NCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
89f70970ad370a059a455ab6629d9f5250651d904deb142e552439cfd9e87372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
4494
chunklist_480.m3u8
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		740 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
7b8d5695e597a10a80e83b037006cc2e79b618f60e82b40ed52688b49d007ced

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
740
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"c471e62108a49a65ef018e1468dfb261"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
YB9glig44IhqqF-SifVUfparIporFjc1Rt25Aj6gaxYICGT3qJWfOg==
expires
Mon, 07 Feb 2022 18:47:34 GMT
vid61eb77a94190a236910800_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/27808/video_5e6e03dfb5313399300332/ Frame 19F0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800_thumb.jpg?cbuster=1642821554
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
72ac9f97e538634bed3e8dbabbeecdc6fda12e5a62b74b0887cc046a58c13db1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Sat, 22 Jan 2022 03:20:29 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"b1e03830564472ea257e4b9580950f1b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:34 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2061
x-amz-cf-id
ro1MqT_Aty031G9XeCOnEt9I2BADwilKEjPnjkkZcST3a3kNQGXNPw==
x-proxy-cache
HIT
vid61eb6bb2ba043529197545_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/24485/video_5eca17c9ca7e0550517826/ Frame 19F0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/24485/video_5eca17c9ca7e0550517826/vid61eb6bb2ba043529197545_thumb.jpg?cbuster=1642818485
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e60ee726a501447378452996ab2396605f8275aecdf2ea5a0b1c74aca18b6b25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 7397dc13d196e27b3019bfb89d105ec4.cloudfront.net (CloudFront)
last-modified
Sat, 22 Jan 2022 02:29:50 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"7933916c3cb06d70abddf04ae4e1edaa"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:34 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1999
x-amz-cf-id
SKYkYGI_GQBOxOKP6rEnY1VxALAUMrL5c8ZthF0Hic51HSxYvgZ__A==
x-proxy-cache
HIT
vid61ec1c77cbe6e219051734_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/24485/video_5eca17c9ca7e0550517826/ Frame 19F0 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/24485/video_5eca17c9ca7e0550517826/vid61ec1c77cbe6e219051734_thumb.jpg?cbuster=1642863739
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
6e7dddcfaf1e2f12641d9e92218c629fc538c69ffaeb67560294410b80f4d5d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 32f0eb698e97ecf6204fd04046b31898.cloudfront.net (CloudFront)
last-modified
Sat, 22 Jan 2022 15:03:53 GMT
server
Tengine
x-amz-cf-pop
HAM50-C2
etag
"f98643fc51b9e2bb0d6566563de89ec9"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:34 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1370
x-amz-cf-id
Ok-ubLLOsaKIMromkFACsQoM1M-aJYBe-mMQbNtMdSToOrYxiTKgTw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MmA1MDA1NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA2OTtkJaN0YT0jJat9NmAjJax9NDp2JaZcZF9jYXNmRG9gYWyhPWRunWk5qz9cY2UhY29gJaN1YxyxPWRunWk5qz9cY2UhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmImNDVGMmImMDqEN0I3MmMkMmYmMwM3MmMmMTM4MmQ3RDqCNDMmNTM3N0Q3QwUmNUE0NmQ2NmA2MwQ4NxMmMwYlMmI2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMjMmA3RDqCNTxmNDM3MmY3RDqCNwYmMTqEN0I0QmMkMmAmOTM0MmQ3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9ODQhMTxhMTp1LwE4NCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nl4jLwQ2OTIhNmEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkZWVzNDQ2ODBxMTtzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MmA1MDA1NDp3MSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWVyZwQ0NwxmYTMkJaB1YyVloD1bqHRjplUmQSUlRvUlRzRunWk5qz9cY2UhY29gJTJGozV3LXyipzfyMxZvZWRzo3JxJTJGozV3plUlRz1ypaJcoGjgoHyhY2tgZzylZXMgZzFcpzZcZWkxLWNiqW50rS1gYW4gY2uupzqyZC1uZaRypv1moW9iqGucZS1mnG9jLXRcpzFxZS1lZXBipaQgp2F5plUlRwtlNDUkNvUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 20A3 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.210.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-210-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 20A3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=93&advUuid=555260ef-c587-45f1-8ae0-c0f496aeb4c1
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=93&advUuid=555260ef-c587-45f1-8ae0-c0f496aeb4c1
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=93&advUuid=555260ef-c587-45f1-8ae0-c0f496aeb4c1
date
Mon, 24 Jan 2022 18:47:34 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 20A3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=99&advUuid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=99&advUuid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=99&advUuid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 24 Jan 2022 18:47:35 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 20A3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D7947142652086...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=794714265208637407289
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=794714265208637407289
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
18.66.248.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-43.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=794714265208637407289
cache-control
no-store
content-type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 20A3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 20A3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61eef44680d18%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=105&advUuid=8766712360259569763
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=105&advUuid=8766712360259569763
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
47f59476-29af-4f55-9c32-a3e4d505734b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61eef44680d18&pixel=&advId=105&advUuid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61eb77a94190a236910800.jpg
video.primis.tech/uploads/cn19/video/users/converted/27808/video_5e6e03dfb5313399300332/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.jpg?cbuster=1642821554
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c62ac5deea8eff7f42ba627a30a69fe7e1f8466dbb66863f8e8c44b47c0ee237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:34 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified
Sat, 22 Jan 2022 03:20:29 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"46f91099ccddb4cc7cba3606783fda9b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:34 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
13039
x-amz-cf-id
_ojjoPa-g7EFFvpCC-8-xlPYl6e_CppgR5pTDMhrJZXI0qSYgQB2DA==
x-proxy-cache
HIT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2E5B 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Mon, 24 Jan 2022 18:03:51 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
liveView.php
live.primis.tech/live/ Frame 20A3 		25 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwp4MDtyMxZ2nWRyo181ZTZyMDNxZzI1MmEmMmx5MmAjMmMlJTJGqzyxNwFyYwp3YTx0MTxjYTImNwxkMDtjMC5gpDQzqzyxX2NioaRyoaRsnWQ9MwA0ODt1NvZ2nWRsY29hqGVhqF9xZXNwPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X3RcqGkyPVN0YXJmK2V1oG9anXcyKlUlN0JuqCgPqXQeo2YeSGVfoCUlNlglo2NeZXIeTWVuqCgMo2FzJaZcZF9wo250ZW50X2R1pzF0nW9hPTEkMvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMTJEMmImNDVGMmImMDqEN0I3MmMkMmYmMwM3MmMmMTM4MmQ3RDqCNDMmNTM3N0Q3QwUmNUE0NmQ2NmA2MwQ4NxMmMwYlMmI2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMjMmA3RDqCNTxmNDM3MmY3RDqCNwYmMTqEN0I0QmMkMmAmOTM0MmQ3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTt0LwE5LwE3NS4kODQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx3LwAhNDY5Mv43MSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM4NwQyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzNmqXVcZD02MWVyZwQ0NwtjZDE4JzNvqXN0ZXI9MTY0MmA1MDA1NDtlMvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0d33510e158e7f32fce17557bd233f60bb576e491f6a88825f5132315ac92deb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
4799
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 01:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 01:51:47 GMT
px.gif
ad-delivery.net/ 		43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.54396335416185
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Mon, 24 Jan 2022 18:47:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
354
x-guploader-uploadid
ADPycduPOZKNJ6xQd8FgBU1v1p6EeyzcuGofX7o3pEL_s7VvaT2P8IS1rWAA8jNfkff1A31fWfk8z44tFJCiDPJK-C6CPxcfpg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLHOuecKRpJB9UsyuJwlIUgb0gcvlJZCENnFQZmWpI1%2FtUmfHMDWMoBa05%2FsNsFpVKVrnK1S4PlpjomNhD%2B2ugx55UFuLD5gqZrXvYq4bE8DP9fq%2Ba7Huw1VuBDSKego1udU6fRUkXGmT1BeIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6d2b6e5bdc987774-LHR
expires
Mon, 24 Jan 2022 19:41:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyvoice.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
277666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 13:39:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 19F0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyvoice.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
277666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 13:39:48 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://dailyvoice.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
translator
hbopenbid.pubmatic.com/ Frame 20A3 		0
0
openrtb
ads.adaptv.advertising.com/rtb/ Frame 20A3 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.244.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-244-174.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 20A3 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:35 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame C72F 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
hVPEqJ5TkSqzWPo1oY_H_Ku9Wpx7PceVPtNr0LKks39O9zCwotjjnA==
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame D6C6 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
GmGSe4gpi1AiY0qObeb_uaQUDsHrbW_IoGRNwrAshTgShvjEeu0FYg==
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame 0A00 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
gSK3E42U6bYZWdz5g4acOa8KmAzJbI-T89fki8NwjnxAEcmAi4bwsQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D23B 		0
442 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChwIASoYbGFyZ2UtYmFubmVyLXJkYS12YW5pbGxhCgoIAioGc2VydmVyCjIIBCoubXlzaWRpYV9hbmFseXRpY3NfZXhwMixwZXJmX3ZpZGVvX2NvbnRyb2wyXzEwcAoNECshAAAAAAAACEAwBAoNEAMhAAAA0Mz8ZEAwBAoNEA0hAAAAAKCZuT8wBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAABhAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAADAMdFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAGhm1mtAMAQSGkNPX2N6N2FHeV9VQ0ZjSmM1UW9kbnh3R3RnIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/8b63a7a81b6f18e94cb38611e7e405da.js?tag=pingback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 4809 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://dailyvoice.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 24 Jan 2022 18:47:35 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 20A3 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
59127
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 24 Jan 2022 02:22:08 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
lMB7TiqQ5Coh0x0Y15pWBhSR1XVlUkmUPXo3StmxgvjOrMkdG1-dLw==
w_480_00000.ts
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		466 KB
467 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
eea17bbcff3ed99bceb977dbcc12b974c92efb9d41638146418bd2a34c63dfed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 ee327b50c68ee28ed3c41a10d5a0b1d4.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
477520
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"dace704f59fbecf2bfdd9346ec89ff74"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
cVlK2WDwpgs-pUF_mqq9z3I8gb1xVgOED5aDdhPcncf5EsNVGfQglg==
expires
Mon, 07 Feb 2022 18:47:35 GMT
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ Frame E040 		234 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af79908a73e251f3cb4f4d45f99cb192f0377d2c2a0f3383aab2900969758f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a011-dub-prod.krxd.net, cache-hhn4082-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643050055.099869,VS0,VE29
content-length
190
x-cache-hits
0, 0
container.html
0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4568 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:47:34 GMT
expires
Tue, 24 Jan 2023 18:47:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame 7E3A 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
QQpRu0P8bO5KUOZyHrP4SaCfuoGg4RgVotbZfeWwTCDpyWNTueR85A==
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame A4CA 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
2Yx11inBvEVY5J18P4R-7PePfnmJWneD3ev4xnKvPhYQv3OSHsf04A==
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame BFFC 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
bw6Q0g7A5xbF37s3RGayVq-fve2m8jp8D_mUmcoTj_cP4vtsHzPw5A==
5609a0d2-d869-435b-952e-7baa4107124f
https://dailyvoice.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dailyvoice.com/5609a0d2-d869-435b-952e-7baa4107124f
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=lVX0XNFse&w=5670947827744768&o=5714937848528896&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ Frame 8D75 		19 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prebid.s-onetag.com
URL: https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a23ed617-3108-4931-8362-5f746d2be553
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 2912 		23 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0&iv=ov
Requested by
Host: prebid.s-onetag.com
URL: https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
615dd827b8cc758ad58f5ebb01905fecab155ce23da98f4754832830ff96e406

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dailyvoice.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
init
gw.geoedge.be/api/ Frame C72F 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame C72F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj2HeLHJS2lsSTeL2QlKFCVNHFOKlsZIRaweb6jjfJO-wM1Kcfm8YZoextupixjvy0ZJ-liROW0tZqXftVzlcQmrPflpeiRBG4jEWViDE-5sc9jUpxp0qnGHIjHZh6t9fq0vg5YNXHO7lCgi1kSWLtjeNgjysSN35uC798gkGQ5XMbpORvj1HsgxXaP6bCQhBnXz0LaCuU_1THTMtqpYEVmmw0emJDbjvwWisMyfPQwqgganBXe7t7BK_mYbaYPDNCALsidIKJ1zqgI9cjIKNRh_HLFFykdsbTKRXT2ngmhcFGKN-s1NAmjNs-WZ18FXgb65BgJGAVGQ&sai=AMfl-YSPwD1ep_l38EOBd-y8aQWjDHm3mrIXdOdrhlFYysJR-Asi9_7qyts1-IcBnqTeJENFt0HtEknYfecWFHTFp8c8-EmwDl-Xb2DG9iHnZgGy8lf1A-6my_arhjURcW0&sig=Cg0ArKJSzPzswsYCYnGSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:35 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame C72F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=556326&width=728&height=90
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f1ea-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C72F 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9853 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=254313&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61eef44680d18%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:33 GMT
content-length
0
init
gw.geoedge.be/api/ Frame D6C6 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame D6C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJZMFFT8Wob_Mw8NoZF-artumNebBkMCjQK0R5VSmSgEAjz9kjmZH70h1c0Y9HRnGJ06FdbkvWbkpgvpio7SZL6Kd8ZWD7jGfyaSYzoGWwdDhG2BpPMimxDGWDWtSq7SpuRvebQfvKSawaB6YlFiObyvrCohU-Xouety-toZzyoS-H1y11epqbQn2VAGlyq1Nfu3bWj3yyDl15rfF6q5i9a40gvqIQ20tfVplDAvmNpVG5TwceflxtCbV0tNs96MyroEfMJpTl1aaST82GKkDCZfZWM5-Hs-DcM9fLwDF2X74DsBMjvmoRHNKL5LSUfKJEXrlj3SEUpWLN&sai=AMfl-YRauzhWiowvA0a8uo3r8lwEjySpBdW9u7SOeM_LmCu_Glb4oqiGTiN5CozmBzRKqxcZYM-jzD8XqktmnlOp7u8eiQY2GVFx4s8pQJQnkD8rz7qGxeOc8IRtLxhjg8s&sig=Cg0ArKJSzPnJc7DAKsm-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:35 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame D6C6 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=556329&width=300&height=250
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f1ea-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D6C6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
init
gw.geoedge.be/api/ Frame 0A00 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0A00 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBj8QlUwpyQUfYqn7OHhLS84q_Y3qP9p-hs5DEplf6B5GqRT6mHXKl7SKjJRD8HN2Rz2F_oC2N5MkLfDeD4_8MtGo9U-rRbRhiF3vehLscm1FRkIVeJcQhyrdWycjmfKpyE6kNXYlL10ofXyOFaxJEhLXcdDZrv-NftpoEttldfzUkuwn2gTKwD-QKRDTRkJmYlcBZF8RqocLo5akOvgovHUOaaygkvb2o1ZglPsLJrCvVvRRDzM7NzdVV__j9U4vxlW-jGoEhk2MbPay35unaiT__9Dsl-e1N_Ks7Q5Io9gSyPw6HH76N8tJEKA8up8P2mfSOQqGj5n9q&sai=AMfl-YSx3SChK3RXcRXoz71rVqNb2MJHHvGbmEOQVamG5V9MBeMwF3kv9d_F4bz-vInhRgSX3uO5_-p0l1czozfBHrvSNkqNVEW6rOczLUv2HCCzWUtetEMeZ250TXbH4q4&sig=Cg0ArKJSzB_QF30KbshyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:35 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 0A00 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=556331&width=300&height=600
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f1ea-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A00 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
a.pub.network/core/pubfig/ 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c529e436f076bdd932736e1e7c90e229bff81b381de87eb8697f7222c0d841e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash
crc32c=rzn4Hw==, md5=eB0PgcfO/6vocxzVJUb9Ug==
date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84236
x-guploader-uploadid
ADPycdtWfKP8h1do1tsL2sY9SuDeZfNUNAKbplF7ttPzGig9_AO5HlBuP_0eJRQrJSUqfLP1zJ4XxBM0nbvrYxRUAIsT5LNTUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 03 Nov 2021 19:07:29 GMT
server
cloudflare
etag
W/"781d0f81c7ceffabe8731cd52546fd52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQwnHVC6YhJH57k1qO%2BYo2NgqrQCLF6HnM1iAmWkwuekg1hZ4kDMoYLejad2JFtxXLivMRlPA5MN3C6N10dpowRMAzs3sreGUs1xfISrms5hJ%2Ffha68RmHpcTmYLK7X6w%2Bk8QE0%2BWFWVuVg%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1635966449401232
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
186040
cf-ray
6d2b6e5d7b5569eb-MAD
expires
Sun, 23 Jan 2022 20:23:39 GMT
e20676c9892145d5a6a3ed95996ea458
i.liadm.com/s/e/a-00ex/0/ Frame 5B4B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00ex%2F0%2Fe20676c9892145d5a6a3ed95996ea458%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&6745e7ae-17ae-41c9-b8a5-b29...
  • https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=7156&muid=d94061ee-f447-4000-9c05-557f1997fead
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=7156&muid=d94061ee-f447-4000-9c05-557f1997fead
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
35.171.60.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-60-144.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
70c034637b6eeb85
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
MT3 4133 baa842e master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=7156&muid=d94061ee-f447-4000-9c05-557f1997fead
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:34 GMT
35759
i6.liadm.com/s/ Frame 5B4B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=45b3f819-9c1d-422e-b008-efa913aeeeb1
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=45b3f819-9c1d-422e-b008-efa913aeeeb1
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=45b3f819-9c1d-422e-b008-efa913aeeeb1
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=45b3f819-9c1d-422e-b008-efa913aeeeb1
Date
Mon, 24 Jan 2022 18:47:35 GMT
Connection
keep-alive
trace-id
2ff1dced51b337e3
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
e20676c9892145d5a6a3ed95996ea458
i.liadm.com/s/e/a-00ex/0/ Frame 5B4B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00ex%2F0%2Fe20676c9892145d5a6a3ed95996ea458%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00ex%2F0%2Fe20676c9892145d5a6a3ed95996ea458%3Fmp...
  • https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=82775&muid=33954602667591782293093344066085338567
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=82775&muid=33954602667591782293093344066085338567
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
35.171.60.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-60-144.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
da4beb5a092c59d6
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-1-v027-096269d91.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
0Tq5WY/DTFI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-00ex/0/e20676c9892145d5a6a3ed95996ea458?mpid=82775&muid=33954602667591782293093344066085338567
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 5B4B
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6745e7ae-17ae-41c9-b8a5-b29aca78b996
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&rd=Y
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 24 Jan 2022 18:47:35 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=6745e7ae-17ae-41c9-b8a5-b29aca78b996&rd=Y
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 24 Jan 2022 18:47:35 GMT
52176
i6.liadm.com/s/ Frame 5B4B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
Date
Mon, 24 Jan 2022 18:47:35 GMT
Connection
keep-alive
trace-id
50395b1f8aef4db2
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
52164
i.liadm.com/s/ Frame 5B4B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=6745e7ae-17ae-41c9-b8a5-b29aca78b996
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=liveintent
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455420190490776&expires=30&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
35.171.60.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-60-144.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
c47628304c435093
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1
Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 5B4B 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00ex?s=&cim=&ps=true&ls=true&duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1643050055.375559,VS0,VE9
x-served-by
cache-hhn4081-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.252.109 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-252-109.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ Frame 2912 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: prebid.s-onetag.com
URL: https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.252.109 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-252-109.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.1
x-powered-by
Express
view
securepubads.g.doubleclick.net/pcs/ Frame 7E3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2tOCNcnIqdMc-ELcGVDrNpkPwe1eAH2lssqx35saEdggdB0zQGExkstWPWwF8yEy2mmBYfNjE4p1-hzUhYgqXpc6zBHoMoezh18-CCANXc971fR4to1SoaI4TWxynmt2VePfgBMGNVC2hzNP7imYesm0eO1c6UYPKXSQOMdjmxbwHU_QWjlLw2O8shp562GCIDpTR1YCFX1qZlpg_vyWoXcrQkXZ1s5EjZLXiajXB9t9Uoy9fMA_wFUEULgGl7DuJ5kr6uO4UHtlPFKlezWnG9RMvS7mWuDNktqGxJBY1IAyEHdaDtM5mjKxM7YASnIFhyqktbKoLy-PX&sai=AMfl-YTU1eCJnSuO7GdtFUu_u8JWFLRAj4cb51MPkBRISvJ1dICyFGvLAdllfRbDwSwKkietE0Yl229y7sRC4OmfDc1_V8I0aErGaFivHLPugfyx7bIGuUPplDdMlcJpO0g&sig=Cg0ArKJSzG9XuKPSh-d2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7E3A 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24384
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d2b6e5dbc1d691f-FRA
nobidtag.js
public.servenobid.com/nobidtag/ Frame 7E3A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/nobidtag/nobidtag.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d360b6b8f3a149c37565fbda52006922bb7c85ce97d66b95707e9ac2c3245b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-azure-ref-originshield
0BcftYQAAAABNPOltZtEuQYgH3SPsLLE6QU1TMDRFREdFMTkwOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-amz-request-id
7GTYNKKAC78H596P
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-cache
TCP_HIT
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-amz-id-2
0KrBvgA07PW+V8sD8WJgb5NcggScbiH2WPz+Ibp3kr1gb2qRhVsBKTnIGCmk1egEWhNIPTIwr6Y=
last-modified
Wed, 15 Dec 2021 19:31:34 GMT
server
AmazonS3
etag
"4cf4abc0329096a5ef8fbc51642c79f0"
x-azure-ref
0R/TuYQAAAACne6OdW71eTKD06PD2tsaiRlJBRURHRTEwMTgAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/x-javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E3A 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 9532
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b59a5b5f1e702264a5e0cda6f998b5e6d56793352561032b2b365a2f12448991

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 24 Jan 2022 18:47:35 GMT
x-sid
AMS-739
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-739
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F1E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53793
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:35 GMT
vary
Accept-Encoding
cookie
cm.adform.net/ Frame 86E6 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 4559 		251 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-51
cdn-fileserver
141
cdn-proxyver
1.02
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
12/27/2021 07:28:04
cdn-edgestorageid
756
cdn-status
200
cdn-requestid
d4f75218447aa7debcde8bbae695678e
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 4F3A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FRueQIBMNWQuSIDOkLqP&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FRueQIBMNWQuSIDOkLqP&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
0
Etag
69ab2fd6f81ae0c0

Redirect headers

date
Mon, 24 Jan 2022 18:47:35 GMT Mon, 24 Jan 2022 18:47:35 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FRueQIBMNWQuSIDOkLqP&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pbsync.html
js.adscale.de/ Frame A445 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:f200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Fri, 21 Jan 2022 03:53:43 GMT
x-amz-version-id
9EXG5D7gSEtb3BiUSVKAeG8DwJodDYlp
server
AmazonS3
content-encoding
gzip
date
Mon, 24 Jan 2022 17:03:22 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 71899bd3f76489e8a6e71cc77aaa6424.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P3
x-amz-cf-id
0eZhIGEeinLWcBVf8z7klV3kVp6aoLjZtmOYj5sXSZ7Xzy8os6hOfA==
age
6254
csync
sync.console.adtarget.com.tr/ Frame 3752 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
0
Etag
69ab2fd6f81ae0c0
csync
sync.console.adtarget.com.tr/ Frame 8EF8 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
0
Etag
69ab2fd6f81ae0c0
csync
sync.console.adtarget.com.tr/ Frame 58C2 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
VertaMedia 1.0
Etag
69ab2fd6f81ae0c0
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 58C2 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
VertaMedia 1.0
Etag
69ab2fd6f81ae0c0
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame A4CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0nQS_i4TYblNQv4qLZxgnflwyPwKwEqi6mUxoVDPSPjkmrIEN-huiaw3szSNx9utk5P0YD47p4ZABdaBIjsIBPfR4RFMrEg4TXJ2PokN6EqedPOA1QMADBfbvkSxR1bxbF-hsqTniRK72xFK4-5TkX4LAZbB3luYbeXH3Vtmoh7oj3JKLopG1YpKigNCqJ9dQC_hVJMk2TcbgYzYZlxS9KBNsWKwDqiRCj3Xyc6x8H08HPvTSEyyLAoKnY1K_ynQtkm8DmD8fXDjE3JYjVxMmTtN-BQp_F-KJZkERscwT9r0l1xsmykj3t4eIMmCa8TCocFbwjTs_dQMPGg&sai=AMfl-YRq78xIyixub42P11JhETdj2hkg6HcLCxLxLocRE7DgOzbnzReFp7AIzA9oBBcJ0n9KOFmOvPF771N-aEQbj3jOgbvDoPpjSH9R518idWKBVSpYQsBBaQY3IjPmlcY&sig=Cg0ArKJSzKHfMDL6W4TbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame A4CA 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24384
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d2b6e5dbc21691f-FRA
nobidtag.js
public.servenobid.com/nobidtag/ Frame A4CA 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/nobidtag/nobidtag.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d360b6b8f3a149c37565fbda52006922bb7c85ce97d66b95707e9ac2c3245b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-azure-ref-originshield
0BcftYQAAAABNPOltZtEuQYgH3SPsLLE6QU1TMDRFREdFMTkwOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-amz-request-id
7GTYNKKAC78H596P
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-cache
TCP_HIT
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-amz-id-2
0KrBvgA07PW+V8sD8WJgb5NcggScbiH2WPz+Ibp3kr1gb2qRhVsBKTnIGCmk1egEWhNIPTIwr6Y=
last-modified
Wed, 15 Dec 2021 19:31:34 GMT
server
AmazonS3
etag
"4cf4abc0329096a5ef8fbc51642c79f0"
x-azure-ref
0R/TuYQAAAAAzdK1V2GXURJC2epJyYDPjRlJBRURHRTEwMTgAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/x-javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A4CA 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BFFC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvt9X7MOwgoM_i9lMSRDTPadQai8bWLSPKqclQsf7uTFnZikE0hWlv_TbtS7GmaBrbynsjEzAwS_JGSUHMeXmCWLQLXH5H01U8x-S7gnqZtDh-fJe_KQEvX28nJKnfBdcBLl8-yr_Xw27VydA8GKo-YAvowOC5XdxzjQoKfJO9zKGTh7I9lK0tW7lN1SrFqBYPIyDzzEVq-LNcfRlgkp71kaNSFQW9SGAZvQURUKwTCCYsxUo2M2Z3jjEm5ndu7-QXLd-uW0ZetvB5i70t-K4SPwSi5qt6l4LQ0lm_W0gNtzhgjkx3Uwf2v8TuUKgjEnQxp8ZbfYc&sai=AMfl-YRngJEF4OmcNm1Qjwtc8X_Rmh6MmVUxv6K34Vf_vWcaoUAvaVrdZWjuXyKPaHGPTIbYLma4_fjA5vbMHAubFovsBtnVbi9Ihekg3rcB1cjTFFerIji1VvCgsG_R9Fk&sig=Cg0ArKJSzAXQmOMEkjBJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame BFFC 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24384
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d2b6e5dbc2f691f-FRA
nobidtag.js
public.servenobid.com/nobidtag/ Frame BFFC 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/nobidtag/nobidtag.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d360b6b8f3a149c37565fbda52006922bb7c85ce97d66b95707e9ac2c3245b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-azure-ref-originshield
0BcftYQAAAABNPOltZtEuQYgH3SPsLLE6QU1TMDRFREdFMTkwOAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-amz-request-id
7GTYNKKAC78H596P
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-cache
TCP_HIT
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-amz-id-2
0KrBvgA07PW+V8sD8WJgb5NcggScbiH2WPz+Ibp3kr1gb2qRhVsBKTnIGCmk1egEWhNIPTIwr6Y=
last-modified
Wed, 15 Dec 2021 19:31:34 GMT
server
AmazonS3
etag
"4cf4abc0329096a5ef8fbc51642c79f0"
x-azure-ref
0R/TuYQAAAAAptJIA6cwORKLQbGuhqgYsRlJBRURHRTEwMTgAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/x-javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BFFC 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
grumi.js
rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/ Frame 4568 		421 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:d600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:21 GMT
content-encoding
br
last-modified
Mon, 24 Jan 2022 18:18:30 GMT
server
AmazonS3
age
15
etag
W/"718343bb82f970032fc862c2dd0f7825"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7H74J0Iy_aMxMg5_iQsXlLOFYuDl5WsO
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
DUS51-P2
content-type
text/javascript
x-amz-cf-id
_hme8Nf55vX6PNxuzUrD1FOKydzh2-8r_RVuMn0AR6AvoH4sM80TPg==
usermatch.gif
beacon.krxd.net/ Frame E040
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T253dEFyYU8
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1643050055
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame E040
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T253dEFyYU8
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1643050055
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEO7UzpWD9eB5xUDAAGF5nyQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame E040
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OnwtAraO&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OnwtAraO&gdpr=0
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=45b3f819-9c1d-422e-b008-efa913aeeeb1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=45b3f819-9c1d-422e-b008-efa913aeeeb1
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1643050055
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=45b3f819-9c1d-422e-b008-efa913aeeeb1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
379708.gif
idsync.rlcdn.com/ Frame E040 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OnwtAraO
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
usermatch.gif
beacon.krxd.net/ Frame E040
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OnwtAraO&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOnwtAraO%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OnwtAraO&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OnwtAraO&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1643050055
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OnwtAraO&partner=bluekai&bk_uuid=$_BK_UUID
Date
Mon, 24 Jan 2022 18:47:35 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame E040 		64 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OnwtAraO&rn=1643050055
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-116.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
xdXK6ReGtsizppi2VHBpoRpfXWYsjfB37_TSLMJpXi5QbqK6w4LsfQ==
match
ps.eyeota.net/ Frame E040 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=i0r4o4v&uid=OnwtAraO
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame E040
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=8766712360259569763
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=8766712360259569763
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1643050055
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6eecd8a2-0ba2-4457-b74e-8410e337697a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
image.sbxx
global.ib-ibi.com/ Frame E040 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OnwtAraO
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.86.38 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
usermatch.gif
beacon.krxd.net/ Frame E040
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID&rdf=1
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=0AE1D294-2B2E-417F-A012-150A310C50E5
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=0AE1D294-2B2E-417F-A012-150A310C50E5
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1643050055
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=0AE1D294-2B2E-417F-A012-150A310C50E5
date
Mon, 24 Jan 2022 18:47:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
398696.gif
idsync.rlcdn.com/ Frame E040
Redirect Chain
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OnwtAraO
  • https://idsync.rlcdn.com/398696.gif?partner_uid=1035705701749506153
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=1035705701749506153
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/398696.gif?partner_uid=1035705701749506153
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2E5B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 24 Jan 2022 18:47:35 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 24 Jan 2022 18:47:35 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync
ap.lijit.com/ Frame C72F 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 18:51:37 GMT
Server
nginx
ETag
W/"6197f239-14155"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Tue, 25 Jan 2022 18:47:35 GMT
sync
ap.lijit.com/ Frame D6C6 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 18:51:37 GMT
Server
nginx
ETag
W/"6197f239-14155"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Tue, 25 Jan 2022 18:47:35 GMT
sync
ap.lijit.com/ Frame 0A00 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 18:51:37 GMT
Server
nginx
ETag
W/"6197f239-14155"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Tue, 25 Jan 2022 18:47:35 GMT
c
c.pub.network/ 		36 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
7e65aca503c430f8f52e7dca8e3f39f6d401f46bc0a0e1d7df748e1a7d7b63b7

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
init
gw.geoedge.be/api/ Frame 7E3A 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
truncated
/ Frame 7E3A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14f221202508ef0807061e3ca6c2f8cb0236adfae835bd2ab6c57ce30b235588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
init
gw.geoedge.be/api/ Frame A4CA 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
truncated
/ Frame A4CA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30223ef6d2d645bd208595a59b54d7baa71166a10fc9338aafa6d8562bbfe8b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
init
gw.geoedge.be/api/ Frame BFFC 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
truncated
/ Frame BFFC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1081f473105753a8d3a3d06f0606514c348607eefae06f2f55f9347b1763c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
analytics
pba.aws.lijit.com/ Frame 8D75 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: prebid.s-onetag.com
URL: https://prebid.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.252.109 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-252-109.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.1
x-powered-by
Express
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.252.109 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-252-109.us-east-2.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
gen_204
pagead2.googlesyndication.com/pagead/ Frame D23B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChwIASoYbGFyZ2UtYmFubmVyLXJkYS12YW5pbGxhCgoIAioGc2VydmVyCjIIBCoubXlzaWRpYV9hbmFseXRpY3NfZXhwMixwZXJmX3ZpZGVvX2NvbnRyb2wyXzEwcAoNEBQhAAAAAMBT0kAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAHEAwBAoNEBghAAAAAAA0hEAwBBIaQ09fY3o3YUd5X1VDRmNKYzVRb2RueHdHdGciGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/8b63a7a81b6f18e94cb38611e7e405da.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4568 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 24 Jan 2023 11:58:53 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 4568 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24384
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6d2b6e5ef92b694f-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4568 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:35 GMT
adcfg
ap.lijit.com/ Frame C72F 		158 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=556326&tid=97ed1b79b47f4d9d979e7fae3967c22c2f448d0b&mode=1&dmn=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
a77e0ff4eb45ac555c20ef0d56213e3417d3f0642f300c88839c3a7609064bc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
truncated
/ Frame C72F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9459505240d1a718ed0d6e8596702099401ae62a9e8119b24931c4dea4a007a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adcfg
ap.lijit.com/ Frame 0A00 		159 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=556331&tid=0789f6d70fec4c1789e2e9b4ac15703e938fa596&mode=1&dmn=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
326275e8a960b49ff20fe376bc7851eed60751e4bc00979451c381d88ae14c4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
145
truncated
/ Frame 0A00 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eadbfa820edd4f6c4325ebc1ce880bef10f1ecbb8a64c68eef9e0b03920c4e2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adcfg
ap.lijit.com/ Frame D6C6 		159 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=556329&tid=a516a7409275492bbb531c25c9bc7e363feab999&mode=1&dmn=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
32f03ed1996b687eb43bc4525b472d9af0347c06607243a0ded13392157ed9e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
truncated
/ Frame D6C6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ee1c48bb2cef23a1a1f47a7e72e28197790382d6301c4f9df95be9a7cd15982

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
bundle.js
cdn.admatic.com.tr/user/ Frame 4559 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-199
cdn-cachedat
12/27/2021 09:53:15
cdn-pullzone
266102
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"604aed10-d908"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
8b2c7d52581c9c19ac181ec149086dbc
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
um
u-ams02.e-planning.net/ Frame 9532
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D54eea1f944edcc2e
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54eea1f944edcc2e
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54eea1f944edcc2e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54eea1f944edcc2e
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 9532 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D54eea1f944edcc2e%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
p368r1ovhmm4695d3u355aaup63dpjnc
ptag
a.audrte.com/ Frame 9532 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-81-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b3d9a4029aaf3a514d93a0850c6e5e3408e56500a604ffc2e1550771d25532cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 9532 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 23 Jan 2027 18:47:35 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 9532
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D54eea1f944edcc2e
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 9532
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D54eea1f944edcc2e%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54eea1f944edcc2e&uid=8766712360259569763
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54eea1f944edcc2e&uid=8766712360259569763
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
da6ec931-9e84-4a82-a049-e920978f0f4a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54eea1f944edcc2e&uid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E6E7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:35 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 24 Jan 2022 18:47:35 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFAB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D54eea1f944edcc2e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53793
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:35 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 861C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55f2685630c35806582cd87305507f04fcd2875f8c3b1c3a259273a9e6f68c9c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|3|111|81|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
1659
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 11DD 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fC.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame D958 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 1D6D 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f06f5bfcde21bbaf217a13b4f41ed17527fe580b4224570fe7066f4a79be425

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d2b6e5f8d8c6907-FRA
content-encoding
br
uu
ih.adscale.de/ Frame A445
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1643050055
  • https://ih.adscale.de/uu?cbfn=receive&t=1643050055&nut&uu=8bdee77727124e4e90d642231474edb2
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1643050055&nut&uu=8bdee77727124e4e90d642231474edb2
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1c0fa8a2e4f9839bafe1e9412603d6fb00c42bc47c9194a5fa7e034364084c6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1643050055&nut&uu=8bdee77727124e4e90d642231474edb2
date
Mon, 24 Jan 2022 18:47:35 GMT
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4568 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWmyAVxuTHdKduna2Yyn6DzmL1WUytROpNbUdWq30gHEOUsAhTIRac2g2rRkpN_oeHd-WoXz7DQVDEriKmVbC4esCdSX_S3ae_526C8WQyd56-fsvLxbKcbblMtgJEk5zzKmeJ801qdQkLyIkIrruDc_xfM2YnfdoEWGOw6zBIuH1aUmZx-o_TD0lYn_Y7lZ9GQryyQb98oxnoIq_d7U8WM8Qv-YNhRe6cwH4m3aoYwGmpQdzh36c2x-S12fUPmEGonY92xaw8dKNDEQsON-YaVnkZjt7JZS9I9oCry-xDjUvmVrgj6vF3SBQJow&sai=AMfl-YSpmr4KNcxIR6Z4XDx_-Sxen45uVnx_iFxbfoSCEQI1ImmcFNQBFEFzRDXKDShq2uvlW_Ob2Y7GvHzFJ1EwnmhXkKF_H2xgjwc6IQCOQ_WRHM_grK7sCrrGqWPVq5Y&sig=Cg0ArKJSzEmO2WOUjYO_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
init
gw.geoedge.be/api/ Frame 4568 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.210.209.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-209-200.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
truncated
/ Frame 4568 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3469c6b1ad6c0c97b537b71354bf0a330e40215407afde07db13793a7d1a7071

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
addelivery
ap.lijit.com/ Frame C72F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=556326&tid=a_556326_b5cb108b649b47099ac97c7e122cb48a&cb=undefined&mode=1&ifr=true&od=dailyvoice.com&time=18%3A47%3A35&fd=1&be=sf&loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&orig_loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_556326_b5cb108b649b47099ac97c7e122cb48a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
f22422b96d98e94ac3d3243d25ce61ec7e238943f8a1981d6a25ef8f0e2a12a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
984
addelivery
ap.lijit.com/ Frame 0A00 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=556331&tid=a_556331_f9cf01ff90f145deb9414e8084651993&cb=undefined&mode=1&ifr=true&od=dailyvoice.com&time=18%3A47%3A35&fd=1&be=sf&loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&orig_loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_556326_b5cb108b649b47099ac97c7e122cb48a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
84a277c19f5476bf0e06a1e971d1ad535b0570e1a6875a8674c19ce2b626abcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
976
user
ads3.admatic.com.tr/ Frame 4559 		51 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
a2c81c90626a7f0f427002be5c3bbd9233dfeeb7441eb8674febaf21f2f69056

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
55
addelivery
ap.lijit.com/ Frame D6C6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=556329&tid=a_556329_a1c7ba82a6e548429188f64b203c9ea6&cb=undefined&mode=1&ifr=true&od=dailyvoice.com&time=18%3A47%3A35&fd=1&be=sf&loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&orig_loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_556326_b5cb108b649b47099ac97c7e122cb48a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
c39fc22b2eec8f6b29c93a6dc10dd654b4b692c3d60dd8b1c7a4791b978dc6c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
982
js
tags.mathtag.com/notify/ Frame 2B06 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWkRNNVlUa3hPRFF0TlRZM015MHhNR1ExTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NDExMzQ4NTk3ODQ1ODIxMTIvOTY5NjA0NC85OTY4MjAyLzkvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTlIwc2hvVkt1TmF1T1B4SUk0a0FqOC8xLzkvMC8wLzE3NjQwNzUvMC8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5NDExMzQ4NTk3ODQ1ODIxMTIvenJoLzAvNzY4Mi84Mi85OTkvMi8yMDAxOjFiNjA6MTAxMDo6LzAuMDAwLzE2NDMwNTAwNTQvMTY0MzA1MzY1NC85LzE3NTI2Lw/MBaGPxTpVhmkSfCd6pMllswF324&nodeid=2803&group=zrh&auctionid=3941134859784582112&shardkey=3941134859784582112&sid=9968202&cid=9696044&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.234&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
bdb4c005117d952872d082607e8a6f71bd2109437742b113444dcf001137aa74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1643050054
Last-Modified
Mon, 24 Jan 2022 18:47:34 GMT
Server
MMBD/3.300.0
x-mm-latency
2 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x70, zrh-bidder-x158
Connection
close
Expires
Mon, 24 Jan 2022 18:47:34 GMT
934e78eb-a938-46d5-ba63-02cf2d9e9c78
beacon-fra2.rubiconproject.com/beacon/d/ Frame 2B06 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/934e78eb-a938-46d5-ba63-02cf2d9e9c78?oo=0&accountId=17526&siteId=173454&zoneId=839174&sizeId=15&e=6A1E40E384DA563BEB0F593E8E375B49F104B5AFA1196875C34CFBB9F4811184FF0303FAF071F9700043DB742659AEEC172DB22D3B21A9B5F9A5AC4F6EAF29C0E5EE244DF73DBC76F88052A59E68A027B6D123DDCF201A9C96B8BA4E21FD762683C71DA96BC8FFF829541BAA0770E17A1E2B596689924A07BCD9AB1B63E0FFBB998234B169F036921B42A53E043A929B4300267781DA910A71D6BB9A623A8C6BD1CA793185005EF75C36EADDF896A153E532A96683DB730C
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:34 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
img
tags.mathtag.com/notify/ Frame 2B06 		49 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWkRNNVlUa3hPRFF0TlRZM015MHhNR1ExTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NDExMzQ4NTk3ODQ1ODIxMTIvOTY5NjA0NC85OTY4MjAyLzkvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTUdvN01KUWhJSC11c0tjUnRqdThWNC8xLzkvMC8wLzE3NjQwNzUvMC8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5NDExMzQ4NTk3ODQ1ODIxMTIvenJoLzAvNzY4Mi84Mi85OTkvMi8yMDAxOjFiNjA6MTAxMDo6LzAuMDAwLzE2NDMwNTAwNTQvMTY0MzA1MzY1NC85LzE3NTI2Lw/Y-7YJ5N31Q1NKcCRxRVCvplxfJg&nodeid=2803&group=zrh&auctionid=3941134859784582112&shardkey=3941134859784582112&sid=9968202&cid=9696044&price=F50F83C7015E5A5C&bp=a_cfjjig&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.133.234
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
x-mm-bid-request-time
1643050054
Last-Modified
Mon, 24 Jan 2022 18:47:34 GMT
Server
MMBD/3.300.0
x-mm-latency
3 (1)
Content-Type
image/gif
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x37, zrh-bidder-x158
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 24 Jan 2022 18:47:34 GMT
adreq
ads.servenobid.com/ Frame A4CA 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1461
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/nobidtag/nobidtag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cfb8a652505e0ea33c036c7dfcf7c16f1905f27b9f548efb5d3733d4b462c437

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
13926
g2.gumgum.com/usync/ Frame 8EE1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3d7b1d44ac767000edd3f6eacd4bef23b1e536d7d3f15a6d7c4969bf804d4e4f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"0a0f800a913774c2cf8bc89b402e0c3a4"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame E0D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Mon, 24 Jan 2022 18:47:35 GMT
/
onetag-sys.com/usync/ Frame 3B5B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D8C7 		976 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
86b832d6b9815ee590e24499d7a40bdef98b5cc4caef5c1bd6a11b61369be071

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
content-length
976
usermatch
ssum-sec.casalemedia.com/ Frame 3954 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
18e7a706767130203f76ae7ff26c20092c0d0ed6a294976825c2522499fb3a35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|45|196|109|41|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
1552
Connection
keep-alive
sync
ads.servenobid.com/ Frame A4CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
16aad8d8-1cad-403e-93bd-106dd9d78416
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame A4CA
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame A4CA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1643050055726
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6788259908
  • https://sync.1rx.io/usersync/tradedesk/45b3f819-9c1d-422e-b008-efa913aeeeb1
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
date
Mon, 24 Jan 2022 18:47:37 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX935c60d0aa294a4ab0a57d2ce8e47555003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame A4CA 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame A4CA
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame A4CA 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame A4CA
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=612cb020-e18f-4e70-818a-1ec844bbe7fb&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=612cb020-e18f-4e70-818a-1ec844bbe7fb&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=612cb020-e18f-4e70-818a-1ec844bbe7fb&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame A4CA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
date
Mon, 24 Jan 2022 18:47:35 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adreq
ads.servenobid.com/ Frame 7E3A 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=690
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/nobidtag/nobidtag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
feacee48617c539fb99a9ba3a3676b683c015a2e102762caa970ce44a398e072

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
13926
g2.gumgum.com/usync/ Frame AA27 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
159d55d9c621050b6cd35ad2924947c786d63012c77066660c7e1cedaa4239fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"0e8868af2e21f1a6d31de086b2f630df4"
timing-allow-origin
*
content-encoding
gzip
sync
ads.servenobid.com/ Frame 7E3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1605377e-c83d-4971-b460-dfc5b13fd8cd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 7E3A
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ps
pixel.33across.com/ Frame 7B4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 24 Jan 2022 18:47:35 GMT
/
onetag-sys.com/usync/ Frame 4F99 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 640A 		855 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
9fc69b0df424d43d28b62ac6904967ed2b0d3e6c04ef66238bacbb562d251169

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
content-length
855
sync
ads.servenobid.com/ Frame 7E3A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1643050055744
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5953797327
  • https://sync.1rx.io/usersync/tradedesk/45b3f819-9c1d-422e-b008-efa913aeeeb1
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
date
Mon, 24 Jan 2022 18:47:37 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX935c60d0aa294a4ab0a57d2ce8e47555003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame 7E3A 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame 7E3A
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 7E3A 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7E3A
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 2D00 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dffc58677d08f09888a9c5369fec7cf723aa552eaf09ff929eff1ba518726114

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|130|152|191|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
1547
Connection
keep-alive
sync
ads.servenobid.com/ Frame 7E3A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
date
Mon, 24 Jan 2022 18:47:35 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adreq
ads.servenobid.com/ Frame BFFC 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6669
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/nobidtag/nobidtag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fe13729cf3ce297369e5e3c7a943a337dea29003339d9ce57d3bb814be550046

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
13926
g2.gumgum.com/usync/ Frame 6BEF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ec05e1e672ef8972429bb6d6745a1ac3ce2ff8770839fd725b52c3a83e92663f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"071ae5446f9e2495d50bcf2f2efefd70b"
timing-allow-origin
*
content-encoding
gzip
sync
ads.servenobid.com/ Frame BFFC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
05f8d748-be4a-4f16-8581-8f74ba7a42fd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame BFFC
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ps
pixel.33across.com/ Frame 0E8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 24 Jan 2022 18:47:35 GMT
/
onetag-sys.com/usync/ Frame 72E4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 41F9 		772 B
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0ed257735e717fdac90039c93b9d58f260f53ed5157f7a749f4677634319ff63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-type
text/html
content-length
772
RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
sync.targeting.unrulymedia.com/csync/ Frame BFFC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7210246882
  • https://sync.1rx.io/usersync/tradedesk/45b3f819-9c1d-422e-b008-efa913aeeeb1
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
101954
jadserve.postrelease.com/suid/ Frame BFFC 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame BFFC
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame BFFC 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame BFFC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=3519e8ef-4179-4723-9367-c5547ae0011f&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=3519e8ef-4179-4723-9367-c5547ae0011f&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=3519e8ef-4179-4723-9367-c5547ae0011f&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 9C50 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef1d75414c2e9af222ce08c2c760d1780d78874f0ed62ec3bd740831e542446c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|206|218|221|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Length
1706
Connection
keep-alive
sync
ads.servenobid.com/ Frame BFFC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
date
Mon, 24 Jan 2022 18:47:35 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
securepubads.g.doubleclick.net/pcs/ Frame 4568 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnBZU5VrFtZnI7yQ-SUxku8tX4OBs4Bzc9z7SRP-w3I5gCT9kMrLfvAv9Use2ru8IyFEwaBHh5ou65TA75WcEQTNYjQfkYDWflL-Ki-zFO6OZgebHsJg6-IRWgfKse-Jf7di9xuKqPAwCLm3KYrqdGN7mYUgP6GBcfHxOsRe07B8yvqO9qDl_g1Hjh_SgT3j5ucxz-dP3Ng3554l2aaI5_FAZQSubzrcT02zfiEvW51Zm5DBweSOJ-6bLTUXRtzq_Mw_0K-UrEzP-PRJe7_xIVkKPjz7KwIwQx1Pj2Es4_gOufHwkpUATGB8cYXDEk&sai=AMfl-YT3ZkzubEeJvFxrUB6x3FZFQMETeNAfGpgsHt2ZaQjuxU3nJdjof0Bv6b7JPAGR9j49yugVISVPvaaVz-fcR7S8FjIcRmssV_NtMEaVHNgcfCuqJtMK6CDwKgNiKO0&sig=Cg0ArKJSzOGNioFPDOk8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:35 GMT
blacklist_script.js
tagan.adlightning.com/nobid/ Frame DBCC 		32 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blacklist_script.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a297ae54a59f218f51ff15b708470dd6a25f0ea065541ab6962c1ad1b173232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:10:02 GMT
content-encoding
gzip
age
2254
x-cache
Hit from cloudfront
content-length
14571
x-amz-meta-git_commit
91212c4
last-modified
Mon, 24 Jan 2022 17:50:51 GMT
server
AmazonS3
etag
"c0d48239261f9422d9feda32465aea13"
x-amz-version-id
I7Cbaq2BMzY6V4rEBBEa_.0STRe07L1X
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
S2pIeTguObrJPHMjpY9GyFOKsLbExPfANv7b439JxdpqhfH87lF9AQ==
blocking_script.js
tagan.adlightning.com/nobid/ Frame DBCC 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blocking_script.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04f1a422a3ef8cd2d3374810deb9c22c13bda8e127733ca0e0e4b1e6bee5b1a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 03:35:00 GMT
content-encoding
gzip
age
54756
x-cache
Hit from cloudfront
content-length
28099
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 03 Aug 2021 18:05:42 GMT
server
AmazonS3
etag
"fd08c86ea7f03bfece3e287bb474a3f5"
x-amz-version-id
fInfaGd4AtnLXSt0YN2.z5TL9ndYiGEY
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
rjUJzwPtwT8EZ31cqPgVV8gKcXKFezqAXSrmJ1o1BxHi2ie1EmMHyg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DBCC 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
bfe7dd06e0bf0c3b6539f6a8b10aad78e47d578aa23cf5e501d36738251975da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27075
x-xss-protection
0
server
sffe
etag
"1111 / 399 of 1000 / last-modified: 1643049547"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Jan 2022 18:47:36 GMT
userconnect.js
js.adscale.de/ Frame A445 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:f200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
p9Ju1UWFMOrICQUKapanB03fet2uI24d
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 03:53:43 GMT
server
AmazonS3
age
242
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 71899bd3f76489e8a6e71cc77aaa6424.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 24 Jan 2022 18:43:34 GMT
x-amz-cf-pop
TXL50-P3
x-amz-cf-id
fghpdgi-lK9Km3M4KqxCI3GXYAdQNLti6KWKDLJJ3Z9RbUxWU4X7ZA==
csync
sync.console.adtarget.com.tr/ Frame A445 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=8bdee77727124e4e90d642231474edb2
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
VertaMedia 1.0
Etag
2bc553fa1dd5435a
Content-Length
0
getuid
ib.adnxs.com/ Frame 1D6D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1D6D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=db80bd73-be08-4d09-94cf-74a8fe877873&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=db80bd73-be08-4d09-94cf-74a8fe877873&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e67ecd16907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=db80bd73-be08-4d09-94cf-74a8fe877873&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 1D6D 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D4...
  • https://mwzeom.zeotap.com/mw?cid=45b3f819-9c1d-422e-b008-efa913aeeeb1&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=45b3f819-9c1d-422e-b008-efa913aeeeb1&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e61398d6907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=45b3f819-9c1d-422e-b008-efa913aeeeb1&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 1D6D 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1643050056.797642,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4081-HHN
u
dmp.v.fwmrm.net/ad/ Frame 1D6D 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1D6D 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30e4e09-47d8-479c-5f99-c139f5f2a246%26reqId%3D49a2089d-f7c6-42bb-7d76-a444e37bd709%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=6fc31644-06f7-43ce-b22e-b922eb2a0b75&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6fc31644-06f7-43ce-b22e-b922eb2a0b75&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e68cf0b6907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=6fc31644-06f7-43ce-b22e-b922eb2a0b75&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e30e4e09-47d8-479c-5f99-c139f5f2a246&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://mwzeom.zeotap.com/mw?cid=33954602667591782293093344066085338567&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=33954602667591782293093344066085338567&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e6139926907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v027-05c52038e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
38DVjrrFQTY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=33954602667591782293093344066085338567&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 1D6D 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=e30e4e09-47d8-479c-5f99-c139f5f2a246&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022012419-47360-0.815264001643050044-6bac30ae1c790409dc618027fc27b2e4&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022012419-47360-0.815264001643050044-6bac30ae1c790409dc618027fc27b2e4&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e655d186907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022012419-47360-0.815264001643050044-6bac30ae1c790409dc618027fc27b2e4&zdid=533&env=mWeb
Date
Mon, 24 Jan 2022 18:47:24 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7056846251936512151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7056846251936512151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e64fc146907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7056846251936512151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 1D6D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=e30e4e09-47d8-479c-5f99-c139f5f2a246
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=e30e4e09-47d8-479c-5f99-c139f5f2a246
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=e30e4e09-47d8-479c-5f99-c139f5f2a246
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=e30e4e09-47d8-479c-5f99-c139f5f2a246
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e30e4e09-47d8-479c-5f99-c139f5f2a246&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e30e4e09-47d8-479c-5f99-c139f5f2a246&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=rEvYWtVfWO1XPGOizQf1mO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=rEvYWtVfWO1XPGOizQf1mO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e67fce66907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
last-modified
Mon, 24 Jan 2022 18:47:36 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=rEvYWtVfWO1XPGOizQf1mO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 1D6D 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=e30e4e09-47d8-479c-5f99-c139f5f2a246&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.108 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e30e4e09-47d8-479c-5f99-c139f5f2a246?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e30e4e09-47d8-479c-5f99-c139f5f2a246?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=7b5e473e169153a7619e0ce7c3ab424c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=7b5e473e169153a7619e0ce7c3ab424c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e686e446907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=7b5e473e169153a7619e0ce7c3ab424c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
cache-control
no-cache
x-server
10.45.23.11
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ReuwirlE2oqTb2TzCgFB6d8ctmbN9BRN5Q--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ReuwirlE2oqTb2TzCgFB6d8ctmbN9BRN5Q--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e656d456907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 24 Jan 2022 18:47:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-ReuwirlE2oqTb2TzCgFB6d8ctmbN9BRN5Q--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9zBgMaz7%2FWS5DtqL1ApS%2FLs%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9zBgMaz7%2FWS5DtqL1ApS%2FLs%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e656d476907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Dd%2FjD8%2ByH9zBgMaz7%2FWS5DtqL1ApS%2FLs%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 1D6D 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 1D6D 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1643050055
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 1D6D 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ye70SAABBy83WABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a44...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ye70SAABBy83WABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&_test=Ye70SAABBy83WABH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e6938266907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643050057.031148,VS0,VE0
x-served-by
cache-hhn4076-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ye70SAABBy83WABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&_test=Ye70SAABBy83WABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=d94061ee-f447-4000-9c05-557f1997fead&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d94061ee-f447-4000-9c05-557f1997fead&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e686e416907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=d94061ee-f447-4000-9c05-557f1997fead&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:35 GMT
usermatch.gif
beacon.krxd.net/ Frame 1D6D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OnwtAraO&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e30e4e09-47d8-479c-5f99-c139f5f2a246
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e30e4e09-47d8-479c-5f99-c139f5f2a246
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1643050056
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=e30e4e09-47d8-479c-5f99-c139f5f2a246
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e651c566907-FRA
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1D6D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f9...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f9...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VJSK4X6RB74CF7E1PM1P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SSG23XAH4JWRB3JW0Q0P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e30e4e09-47d8-479c-5f99-c139f5f2a246&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 1D6D 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=e30e4e09-47d8-479c-5f99-c139f5f2a246&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 1D6D
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De30...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d2b6e687e4a6907-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
date
Mon, 24 Jan 2022 18:47:36 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 1D6D 		557 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc8f8e58267836547aa862b247b73eb00209cf0835cfb7a1289de0632a182a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d2b6e60b8786907-FRA
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 24 Jan 2022 18:47:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
blacklist_script.js
tagan.adlightning.com/nobid/ Frame 792D 		32 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blacklist_script.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a297ae54a59f218f51ff15b708470dd6a25f0ea065541ab6962c1ad1b173232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:10:02 GMT
content-encoding
gzip
age
2254
x-cache
Hit from cloudfront
content-length
14571
x-amz-meta-git_commit
91212c4
last-modified
Mon, 24 Jan 2022 17:50:51 GMT
server
AmazonS3
etag
"c0d48239261f9422d9feda32465aea13"
x-amz-version-id
I7Cbaq2BMzY6V4rEBBEa_.0STRe07L1X
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
oEnDLZSekCVteMlnOc3FIZVp2MelQODrgKQ4bEmuktK3i1VD8YweFQ==
blocking_script.js
tagan.adlightning.com/nobid/ Frame 792D 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blocking_script.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04f1a422a3ef8cd2d3374810deb9c22c13bda8e127733ca0e0e4b1e6bee5b1a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 03:35:00 GMT
content-encoding
gzip
age
54756
x-cache
Hit from cloudfront
content-length
28099
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 03 Aug 2021 18:05:42 GMT
server
AmazonS3
etag
"fd08c86ea7f03bfece3e287bb474a3f5"
x-amz-version-id
fInfaGd4AtnLXSt0YN2.z5TL9ndYiGEY
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
gWIg3_O-tHsZrjX00DcwYe7u55EFZHuJaEqK2oCYG1PqED62sNa3cg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 792D 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
bfe7dd06e0bf0c3b6539f6a8b10aad78e47d578aa23cf5e501d36738251975da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27075
x-xss-protection
0
server
sffe
etag
"1111 / 471 of 1000 / last-modified: 1643049547"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Jan 2022 18:47:36 GMT
blacklist_script.js
tagan.adlightning.com/nobid/ Frame 4853 		32 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blacklist_script.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a297ae54a59f218f51ff15b708470dd6a25f0ea065541ab6962c1ad1b173232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:10:02 GMT
content-encoding
gzip
age
2254
x-cache
Hit from cloudfront
content-length
14571
x-amz-meta-git_commit
91212c4
last-modified
Mon, 24 Jan 2022 17:50:51 GMT
server
AmazonS3
etag
"c0d48239261f9422d9feda32465aea13"
x-amz-version-id
I7Cbaq2BMzY6V4rEBBEa_.0STRe07L1X
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Nt_APLczqTflu4rmWWybmWQrks86IrcKQ0DSVfxMSWQ08c8Jilm31Q==
blocking_script.js
tagan.adlightning.com/nobid/ Frame 4853 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blocking_script.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-117.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04f1a422a3ef8cd2d3374810deb9c22c13bda8e127733ca0e0e4b1e6bee5b1a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 03:35:00 GMT
content-encoding
gzip
age
54756
x-cache
Hit from cloudfront
content-length
28099
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 03 Aug 2021 18:05:42 GMT
server
AmazonS3
etag
"fd08c86ea7f03bfece3e287bb474a3f5"
x-amz-version-id
fInfaGd4AtnLXSt0YN2.z5TL9ndYiGEY
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
U-AH1Z4WNLPNTn_U35ZgYK-i56NHLfehZGujiT62OYarwFEHMBF4gg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4853 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
1ca76568cd03f07c2f49dc38a17c5ee1b9e76a6d80d9ab9f97b53e561bea8bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27075
x-xss-protection
0
server
sffe
etag
"1111 / 594 of 1000 / last-modified: 1643049547"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Jan 2022 18:47:36 GMT
0waha4ezfhrk
hal9000.redintelligence.net/zone/ Frame 2B06 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/0waha4ezfhrk?subid=&gdpr=0&gdpr_consent=&rnd=3941134859784582112&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4d7830eea5b668e41ab1558883a012b117e20ed3_15%26mt_aid%3D3941134859784582112%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_cid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F%26redirect%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
7fb8cdcfbaad3f0e4a263753a3225f8d0f62f5c4bbc0a789606e99bd2ea74a68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2962
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 2B06 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=3941134859784582112&v3=1041802&v4=9968202&v5=9696044&mt_nsync=1&no_attr=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-210.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:34 GMT
img
tags.mathtag.com/event/ Frame 2B06 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=3941134859784582112&st=9968202&time=1643050055&nodeid=2803
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x75, zrh-bidder-x158
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 24 Jan 2022 18:47:34 GMT
js
sync.mathtag.com/sync/ Frame 2B06 		1 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x4 config:1.0.0 /
Resource Hash
6ccff7868187cbeceeb917436f5253e4166cbc710309755f3ef9af48a6f7f0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
MT3 4133 baa842e master cdg-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Mon, 24 Jan 2022 18:47:34 GMT
w_480_00001.ts
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		433 KB
434 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9a2b5e32eb839728aa4c27c928a655e96c0b7db4c0e5ad3c8ae308e05539b914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
443680
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"52c3ee6ed921cb612edb89001f0bc050"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
imrl6LHK_COyJwOQWBchJcq9XQ8nEp_ZIjiUp02lj4t1BXnJncw1eA==
expires
Mon, 07 Feb 2022 18:47:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0A00 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7f280832ae37c5f6049dd75734e4e59a802fd225ffbec70ea5468ff6c741828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51941
x-xss-protection
0
server
cafe
etag
3657585917932126647
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:47:35 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame 0A00 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=dailyvoice.com&pn=%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&pubid=dailyvoice&v0=261342
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 24 Jan 2022 18:47:35 GMT
containertag
ap.lijit.com/ Frame 0A00 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=556331&v=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
ab303d1dab9b02c6272f6f1905ffa0053b0cc0b5b8fbf5a5c7e0bc604dadaf35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame 0A00 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=iX3nbwFhc39r5f46nThQ1AeymxufmIAIINnwmMQwSxGOg5pGGbSWeJqBd7oppDqOV76CkGcEVLKXLyWk3ft0iwWKZSVqpF-qipoLVrcnekP_CFch8TFMXTIXH-yOUcNrXhMptflzLunjYXBL2cbDCPJGeJGebFMEBE-5Snv5paCM30Kdk9f6gH1eLsvcGjjA2BzU5a61fnbP81GYtmZ1t6WTr_uaAxmxXZ8h4XAd3Zk79iO4eNyuRFR7ZJWQcCOQdL1D_0dkMCcAVyOWlTxs-a04_yk8v03NbdJmErUxtNZiez5zrRs69m509908Vga_zS6WQWcU6GNlo2d-WC-J&bannerid=207433&campaignid=232&endpoint=WATERFALL&zoneid=556331&tid=a_556331_f9cf01ff90f145deb9414e8084651993
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame 0A00 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_556331_f9cf01ff90f145deb9414e8084651993&zoneid=556331&starttime=1643050055517&adcfg=2&adcfg_response=68&addelivery=69&addelivery_response=254&lgfired=257&container=265&EOL=265&ctstart=0&elapsed_ms=266
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:35 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C72F 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
082c0f76e5c8255c6792e5b7b88ed9805d6ff554c34fc67a71cbc8726d41c7fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51931
x-xss-protection
0
server
cafe
etag
14614822307380979958
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:47:35 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame C72F 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=dailyvoice.com&pn=%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&pubid=dailyvoice&v0=261342
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 24 Jan 2022 18:47:35 GMT
beacon
gslbeacon.lijit.com/ Frame E4FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=a_556326_b5cb108b649b47099ac97c7e122cb48a&rand=7876&informer=13410438&type=fpads&loc=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&v=1.2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1
containertag
ap.lijit.com/ Frame C72F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=556326&v=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
ab303d1dab9b02c6272f6f1905ffa0053b0cc0b5b8fbf5a5c7e0bc604dadaf35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:35 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame C72F 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=u_11zX0wP3h0OavofJxCCk_ESARFHRBMG0Nq8ZCYTCd5XvlwAH9zmbv6txP8JWu7Mrx3LYWzcoQQ739jV2V2wI_Vn0GmNn9TpgyLO48Yx8UoS0-xoShjlKcPAJxqKZPFxEYaaBc9hXCa4zG7uAJYxv0j6Xb9bjM4Z9seE4eET9LdzXrocRddhgYtHh_yqqvRQKW83-4xWFInfeGD-Ma-SyrADHTb9BLIxU01XQRSP5U98jfmiVm3WIYoSDyCdUF8fP3ofZEGq1ZmBv_9Yoyske71wPJWxitPsqBfMAaVA83Op4NhaiH5yMjgTFgiet8khPdnqCnp72ee2KfQY0hm&bannerid=207429&campaignid=232&endpoint=WATERFALL&zoneid=556326&tid=a_556326_b5cb108b649b47099ac97c7e122cb48a
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame C72F 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_556326_b5cb108b649b47099ac97c7e122cb48a&zoneid=556326&starttime=1643050055503&adcfg=3&adcfg_response=79&addelivery=81&addelivery_response=285&lgfired=288&beacon=293&container=297&EOL=298&ctstart=0&elapsed_ms=298
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
casale
match.adsrvr.org/track/cmf/ Frame 3954 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3954 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3954
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BG05RBWPWXQ7E98CE4DC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GNDFYYDGNV7MAH1YPKWB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3954
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3954
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT

Redirect headers

date
Mon, 24 Jan 2022 18:47:36 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 3954
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c67bc9d2e0464fac9e1708155619e66d&expiration=1645642055
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c67bc9d2e0464fac9e1708155619e66d&expiration=1645642055
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c67bc9d2e0464fac9e1708155619e66d&expiration=1645642055
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 3954 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame 3954
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136456&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136456&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136456&gdpr=1
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 3954 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
new
ads3.admatic.com.tr/user/ Frame 4559 		145 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
9c91aff2b4ea9b11d37f561e6a741512edbe7cfe1a9b537f9d9b9d803d7e80ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
br
etag
l6SMDpEDAPQaPkilf6IjBm4STxGiOkPvKaX1vtG0qfHTpoGYL2FcrfFR4nJ-5nmaIcJ9KTW5BNJ1U9RcprZwsg
last-modified
Mon, 24 Jan 2022 19:47:36 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
149
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D6C6 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa92a134dce4454af641fa19c84e0a859bd16038b7d749ac7390917910dbb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51939
x-xss-protection
0
server
cafe
etag
13496951882142060057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:47:35 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame D6C6 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=dailyvoice.com&pn=%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&pubid=dailyvoice&v0=261342
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 24 Jan 2022 18:47:36 GMT
containertag
ap.lijit.com/ Frame D6C6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=556329&v=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
ab303d1dab9b02c6272f6f1905ffa0053b0cc0b5b8fbf5a5c7e0bc604dadaf35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame D6C6 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=fYyyoiI_dJQ1cCW7sxD8PXdlGLgVdxMHygdH6CNQrcVCQFMbRmbqqKBremzLoMTL71NVXSfo-MT_XtMzRt-j-jNIkwrN2QTWHl6fwImNM_ypvD1DpbLf_dkB0SkuegnEwFVuYFs86wAS-K1qxosbNx_YgVLKkIJzZp5WnjOP7Lna1FqVIjR9v2OcoMgOwcTIw06AWq2D-XqBu9ePHqJ7EVR0jJ-VjCuiDYykOAiIsgFwdZN9AMaNnmC1eqVClSL6Q3GkgGCYxIqqSikMaXTlbFe6m1q_v4861kAmvxq5fHNXcBReTz1S5nu4hG_AuLItxYhQkrS5P3XE6nORYXmS&bannerid=207431&campaignid=232&endpoint=WATERFALL&zoneid=556329&tid=a_556329_a1c7ba82a6e548429188f64b203c9ea6
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame D6C6 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_556329_a1c7ba82a6e548429188f64b203c9ea6&zoneid=556329&starttime=1643050055532&adcfg=0&adcfg_response=66&addelivery=67&addelivery_response=304&lgfired=306&container=308&EOL=308&ctstart=0&elapsed_ms=308
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
dcm
s.amazon-adsystem.com/ Frame 861C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YFY82ZDQ0NTQEK52W1KQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
79ZV79XG54NY5BT1MEQG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 861C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 861C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 861C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 861C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d94061ee-f447-4000-9c05-557f1997fead&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d94061ee-f447-4000-9c05-557f1997fead&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:37 GMT

Redirect headers

Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d94061ee-f447-4000-9c05-557f1997fead&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:35 GMT
match
c1.adform.net/serving/cookie/ Frame 861C 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 861C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=lQ5oacULOTqODmk_mlkgaJMLbD-OCWw1kQZ1jGGk
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=lQ5oacULOTqODmk_mlkgaJMLbD-OCWw1kQZ1jGGk
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=lQ5oacULOTqODmk_mlkgaJMLbD-OCWw1kQZ1jGGk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 861C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:37 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-ams02.e-planning.net/ Frame 861C 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=54eea1f944edcc2e&uid=Ye70RiWLROK0s22WR3QvzgAA%261108
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54eea1f944edcc2e%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
server
openresty
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 2D00
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S9XM670GQK23GZK74AFP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VBAGV09Y5HHVH3AS0106
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D00
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2D00 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2D00 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 2D00 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2D00
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1b75aba9-08a7-4fe8-b3e4-47f88545190f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1b75aba9-08a7-4fe8-b3e4-47f88545190f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:37 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1b75aba9-08a7-4fe8-b3e4-47f88545190f
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 2D00 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
last-modified
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 24 Jan 2022 18:47:38 GMT
bridge
cm.adgrx.com/ Frame 2D00 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
ads.servenobid.com/ Frame 2D00 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
userconnect
ih.adscale.de/ Frame A445 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1643050056197&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
149
content-type
application/javascript
request.php
hal90009.redintelligence.net/ Frame 2B06
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=9d09d7c48e&subid=&uid=a8a73e007f723c67&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=9d09d7c48e&subid=&uid=a8a73e007f723c67&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
612 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=9d09d7c48e&subid=&uid=a8a73e007f723c67&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4d7830eea5b668e41ab1558883a012b117e20ed3_15%26mt_aid%3D3941134859784582112%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_cid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F%26redirect%3D&documentReferer=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fdailyvoice.com&random=2806542301189&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.149 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4cd2687f922c75f61bdc7f25d1d3e38b8f6dbf34f54fe4021fbf2a31f4a8fa88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
51589900225339903912182011849009
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
328
Expires
Mon, 24 Jan 2022 18:47:36 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=9d09d7c48e&subid=&uid=a8a73e007f723c67&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4d7830eea5b668e41ab1558883a012b117e20ed3_15%26mt_aid%3D3941134859784582112%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_cid%3Dd94061ee-f447-4000-9c05-557f1997fead%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F934e78eb-a938-46d5-ba63-02cf2d9e9c78%2F%26redirect%3D&documentReferer=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fdailyvoice.com&random=2806542301189&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:36 +0100
pixel
cm.g.doubleclick.net/ Frame 9C50 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9C50 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9C50
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NBW669KTF2AY1BH7036H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VGA0T9AXV3RRM8RFJV9S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9C50
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ye70RiWLROK0s22WR3QvzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 9C50 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ibs:dpid=23728&dpuuid=Ye70RiWLROK0s22WR3QvzgAA%261108
dpm.demdex.net/ Frame 9C50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Ye70RiWLROK0s22WR3QvzgAA%261108?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.105.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-105-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tpid=Ye70RiWLROK0s22WR3QvzgAA%261108
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 9C50 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Ye70RiWLROK0s22WR3QvzgAA%261108?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.8
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame 9C50
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:37 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx/1.20.0
content-length
76
sync
ads.servenobid.com/ Frame 9C50 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cmp
spl.zeotap.com/ Frame 1D6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d2b6e64ebf16907-FRA
csync
sync.console.adtarget.com.tr/ Frame 4559 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=B9qXIiyXBDCVwa7te5xbJm3YKiKpOm4e5OukvW7wpbvE4zxjQ3PKvDicZlsHAWAkt_8NPnk2w06rNjJMUJVq6g
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
VertaMedia 1.0
Etag
2bc553fa1dd5435a
Content-Length
0
1434
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1434
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-97.ams54.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
via
1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amzn-requestid
2411f462-dacd-43c2-9b99-b915f7e7e41f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61eef448-3e4b754f25ffb1451c3285c8
x-amz-apigw-id
MdsbbH1ujoEF3SQ=
content-length
25
x-amz-cf-id
tqGjSrox8SnnpnHDyEM--XSaTS28DknKU1z77WkPLApY8wGshxma7Q==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame 0A00 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8953041492648340&plah=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8282b7bc93322de54a9c12fdd3ba6a6e4c6b42002cb0793d23da157727b5d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104511
x-xss-protection
0
server
cafe
etag
8669457024530343480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:47:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/ Frame 0C1E 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/zrt_lookup.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Mon, 24 Jan 2022 16:19:13 GMT
expires
Mon, 07 Feb 2022 16:19:13 GMT
cache-control
public, max-age=1209600
age
8903
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cc.js
tags.crwdcntrl.net/c/15238/ Frame 9532 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 21:44:30 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
75788
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
8b8FDIqBp4Dy6T9i-t3ep3UrniFa-F46w9ddjoPfvga5BNh4ndS-PA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7FEA 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 24 Jan 2022 18:47:36 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 23 Jan 2027 18:47:36 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 35D6 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AEE1lNUTvSUIBN-n
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 24 Jan 2022 18:47:36 GMT
Content-Length
0
Etag
2bc553fa1dd5435a
pubads_impl_2022011410.js
securepubads.g.doubleclick.net/gpt/ Frame DBCC 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064231
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
f1cf4b797c01e51e3cbdc81cdc65bc53153eef575f765c5650a5459b9e93ffdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 21:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121039
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:17:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Jan 2023 21:50:27 GMT
pubads_impl_2022011410.js
securepubads.g.doubleclick.net/gpt/ Frame 792D 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064231
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
f1cf4b797c01e51e3cbdc81cdc65bc53153eef575f765c5650a5459b9e93ffdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 21:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121039
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:17:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Jan 2023 21:50:27 GMT
pubads_impl_2022011410.js
securepubads.g.doubleclick.net/gpt/ Frame 4853 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064239
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
f1cf4b797c01e51e3cbdc81cdc65bc53153eef575f765c5650a5459b9e93ffdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 21:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121039
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:17:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 21:32:20 GMT
user
ads3.admatic.com.tr/ Frame 4559
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=9d16bdb3-df4b-4ce5-8ca6-dc19409f1b4d&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.5.3bc9fcda2d0fabcd3f40724dc7003d41fb4a90ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
7e65aca503c430f8f52e7dca8e3f39f6d401f46bc0a0e1d7df748e1a7d7b63b7

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6b01b5dc-da1d-4bd6-b7e3-5cb3828bd149
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_61001eb7-d422-4353-b650-2d64f5ea790a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ca12eaa9-f273-4fcf-af43-97cc855ad919&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6BEF
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%288aC1RFo2i6rja2jm6MDhHztTLjHgfGvM-jydmAPRhlJU52l2hE9giCepQ5JtGNik%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_65d4e4a6-1537-4086-9445-1adf888808b4&obuid=ENC(8aC1RFo2i6rja2jm6MDhHztTLjHgfGvM-jydmAPRhlJU52l2hE9giCepQ5JtGNik)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=VrBUIL_JmK8zKB5nloeY
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=VrBUIL_JmK8zKB5nloeY
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Cache-Control
no-cache
X-TraceId
065338fefc288699cf072bd1c432c4dc
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=VrBUIL_JmK8zKB5nloeY
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
99
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-26049d05-0300-4bbe-701c-172a4182ed25$ip$84.19.175.184
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-26049d05-0300-4bbe-701c-172a4182ed25$ip$84.19.175.184
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-26049d05-0300-4bbe-701c-172a4182ed25$ip$84.19.175.184
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=19c29ceb-7d46-11ec-adc0-29ae3790b9b2
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=19c29ceb-7d46-11ec-adc0-29ae3790b9b2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=19c29ceb-7d46-11ec-adc0-29ae3790b9b2
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
19c29cec-7d46-11ec-adc0-29ae3790b9b2
services
sync.technoratimedia.com/ Frame 6BEF 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
199172260
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 6BEF 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_61001eb7-d422-4353-b650-2d64f5ea790a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=i0N6SIB-cZeynmOuoipk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22JQJY3FGSKCFVRVUZLZNZWU65LPNFYGWJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=i0N6SIB-cZeynmOuoipk&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=i0N6SIB-cZeynmOuoipk&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=i0N6SIB-cZeynmOuoipk&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
date
Mon, 24 Jan 2022 18:47:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ads.servenobid.com/ Frame 6BEF
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003&rndcb=2821964151
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=adconductor&bds_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=d17886cc-6113-4c61-b707-33b7efbeab99&expires=10&ssp=adconductor&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://sync.1rx.io/usersync/bidswitch/4557f183-3838-48df-bbf2-f73b9b10a9b1?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX935c60d0aa294a4ab0a57d2ce8e47555003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 6BEF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=g0mmqsiGpUjS&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=g0mmqsiGpUjS&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=g0mmqsiGpUjS&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-8tclh
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 6BEF 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
sync
ads.servenobid.com/ Frame 6BEF 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_61001eb7-d422-4353-b650-2d64f5ea790a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cf2e7298-f8e6-4d5f-9813-5a25ba9bbfcd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_88d325e0-9bae-4846-8aba-f0487090da5b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bebc4781-1764-470c-af9a-81651deb1ec0&ssp=gumgum2&expires=30&user_group=5&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
s.ad.smaato.net/c/ Frame 8EE1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28JaHU3yocxyWUeIr4OxCCVj9LkmGN_6xz7T_utB6nl7SwwSREd5FURJJqsE0hABEz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_65d4e4a6-1537-4086-9445-1adf888808b4&obuid=ENC(JaHU3yocxyWUeIr4OxCCVj9LkmGN_6xz7T_utB6nl7SwwSREd5FURJJqsE0hABEz)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2600:9000:2057:ce00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
rYkQz_XsGZV01saDXfuIkNL-5wXFqDAWNAz3BpCAwCb5Cph9qT_jXw==
x-cache
FunctionGeneratedResponse from cloudfront

Redirect headers

Location
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz
Date
Mon, 24 Jan 2022 18:47:38 GMT
X-TraceId
d3c0a99ca290cb5c08f3c8254f0ec48d
Content-Length
0
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4e31d384-391e-48a2-70cb-b24351c7711e$ip$84.19.175.184
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-4e31d384-391e-48a2-70cb-b24351c7711e$ip$84.19.175.184
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-4e31d384-391e-48a2-70cb-b24351c7711e$ip$84.19.175.184
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=19c29d64-7d46-11ec-a519-b1962ed8ea81
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=19c29d64-7d46-11ec-a519-b1962ed8ea81
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=19c29d64-7d46-11ec-a519-b1962ed8ea81
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
19c29d65-7d46-11ec-a519-b1962ed8ea81
services
sync.technoratimedia.com/ Frame 8EE1 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
91438341
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 8EE1 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_88d325e0-9bae-4846-8aba-f0487090da5b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=taPqLvjraDgId-1PqYdg&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25DBKBYUY5TKOJQUIZ2JMQWTCUDRLFSGOJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=taPqLvjraDgId-1PqYdg&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=taPqLvjraDgId-1PqYdg&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=taPqLvjraDgId-1PqYdg&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
date
Mon, 24 Jan 2022 18:47:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003&rndcb=8272538175
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1&google_hm=NDU1N2YxODMtMzgzOC00OGRmLWJiZjItZjczYjliMTBh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEahGcyMOenctxKwjQR8QWQ&google_cver=1&ssp=adconductor&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://sync.1rx.io/usersync/bidswitch/4557f183-3838-48df-bbf2-f73b9b10a9b1?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
date
Mon, 24 Jan 2022 18:47:37 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX935c60d0aa294a4ab0a57d2ce8e47555003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 8EE1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=Xfa5nugf6Nma&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=Xfa5nugf6Nma&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=Xfa5nugf6Nma&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-767b9
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 8EE1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
sync
ads.servenobid.com/ Frame 8EE1 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_88d325e0-9bae-4846-8aba-f0487090da5b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame C72F 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8953041492648340&plah=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8282b7bc93322de54a9c12fdd3ba6a6e4c6b42002cb0793d23da157727b5d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104511
x-xss-protection
0
server
cafe
etag
8669457024530343480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:47:37 GMT
usync.js
eus.rubiconproject.com/ Frame E6E7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17648
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame D6C6 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8953041492648340&plah=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8282b7bc93322de54a9c12fdd3ba6a6e4c6b42002cb0793d23da157727b5d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104511
x-xss-protection
0
server
cafe
etag
8669457024530343480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 18:47:37 GMT
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8c58d1ee-9bb6-45eb-9cf8-cf2bbd874d51
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bebc4781-1764-470c-af9a-81651deb1ec0&ssp=gumgum2&expires=30&user_group=5&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=4557f183-3838-48df-bbf2-f73b9b10a9b1
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
ssbsync.smartadserver.com/api/ Frame AA27
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_65d4e4a6-1537-4086-9445-1adf888808b4&obuid=ENC(lmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5...
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-length
0

Redirect headers

Location
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DlmWK_l3Y3SWvbOspOjaVn0zy3ccH9X4esi_Pv3FodJf3F0UCAnvVvqKJ_5unm_Oz%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING
Date
Mon, 24 Jan 2022 18:47:38 GMT
X-TraceId
f6dd264da251b5f4673de9b646ed6e0d
Content-Length
0
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=9f8e347b-d5c3-437d-a4e2-bd84f6c69b80
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-66753af1-8f9a-4db8-7946-7c657dba76e3$ip$84.19.175.184
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-66753af1-8f9a-4db8-7946-7c657dba76e3$ip$84.19.175.184
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-66753af1-8f9a-4db8-7946-7c657dba76e3$ip$84.19.175.184
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-hNZt2_VE2peosMZFMe87WZMw.b5bXPgIguDc~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=19c2eb5f-7d46-11ec-aad8-9f94043e2d80
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=19c2eb5f-7d46-11ec-aad8-9f94043e2d80
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=19c2eb5f-7d46-11ec-aad8-9f94043e2d80
Date
Mon, 24 Jan 2022 18:47:36 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
19c2eb60-7d46-11ec-aad8-9f94043e2d80
services
sync.technoratimedia.com/ Frame AA27 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
145435590
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame AA27 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=VrBUIL_JmK8zKB5nloeY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTSIJKUSTC7JJWUWOD2JNBDK3TMN5SVSJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=2f1005de-fdf5-4781-b982-43c87eb73eaf
date
Mon, 24 Jan 2022 18:47:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
sync.targeting.unrulymedia.com/csync/ Frame AA27
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003&rndcb=6604578814
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadconductor%26expires%3D30%26user_group%3D...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=7fbe4ca5-e716-5318-b0bf-0fc2d151fb8b&ssp=adconductor&expires=30&user_group=1
  • https://sync.1rx.io/usersync/bidswitch/4557f183-3838-48df-bbf2-f73b9b10a9b1?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usersync
rtb.gumgum.com/ Frame AA27
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=ycQgNgUO2mg4&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=ycQgNgUO2mg4&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=ycQgNgUO2mg4&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-w4g6p
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame AA27 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
sync
ads.servenobid.com/ Frame AA27 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_65d4e4a6-1537-4086-9445-1adf888808b4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
t.dhj
pxdrop.lijit.com/1/d/ Frame 0A00 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=dailyvoice.com&GDPR_v2=&pubid=dailyvoice
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 24 Jan 2022 18:47:37 GMT
ct
ap.lijit.com/data/ Frame 0A00 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_556331_f9cf01ff90f145deb9414e8084651993&zoneid=556331&cid=18&geo=DE&all_tags=590%2C604&tss=1290&fired_tags=590&count=1&status=1%2C8&elapsed_ms=1290
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
sync
ads.servenobid.com/ Frame D8C7 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1911095417174861644&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame D8C7
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smart
sync.adotmob.com/cookie/ Frame D8C7 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame D8C7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
43 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:36 GMT
/
s.ad.smaato.net/c/ Frame D8C7 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
DvVIz1q575Y8HY1u5DqKz4sO3wgde_5gf3kT3prCB1uVXu8flaRXgg==
x-cache
FunctionGeneratedResponse from cloudfront
sync
ads.servenobid.com/ Frame 640A 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1285710365985187680&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 640A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8766712360259569763&gdpr=0&gdpr_consent=
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8766712360259569763&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
115d1983-1a75-4bf3-b559-92b440092611
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8766712360259569763&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 640A
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHnGdYpb5iKkSxjJSiqRqq4&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 640A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 640A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=9KYIKNP7qj5n&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=9KYIKNP7qj5n&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=9KYIKNP7qj5n&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-775b5b88b7-xwfzg
expires
-1
sync
ads.servenobid.com/ Frame 41F9 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4355392426661488491&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 41F9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=eZv2DSmep15im_dbdsy-DH-e8ltinPJRfZPyHhLk
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=eZv2DSmep15im_dbdsy-DH-e8ltinPJRfZPyHhLk
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=eZv2DSmep15im_dbdsy-DH-e8ltinPJRfZPyHhLk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 41F9
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=7f6b392868&gdpr=0&gdpr_consent=
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=7f6b392868&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Referrer-Policy
origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=7f6b392868&gdpr=0&gdpr_consent=
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Connection
keep-alive
X-Content-Type-Options
nosniff
dcm
s.amazon-adsystem.com/ Frame 41F9
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4355392426661488491&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4355392426661488491&gdpr=0&gdpr_consent=&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4355392426661488491&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F8ENBZ376NC3RWQQZE2F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BH28X7WMSWQY5GG1ASEM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4355392426661488491&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 41F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd8c95bad-6abf-456c-853b-382365fa1b84&expires=7&user_group=5&ssp=smartadserver&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4557f183-3838-48df-bbf2-f73b9b10a9b1&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4557f183-3838-48df-bbf2-f73b9b10a9b1&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4557f183-3838-48df-bbf2-f73b9b10a9b1&gdpr=&gdpr_consent=
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
t.dhj
pxdrop.lijit.com/1/d/ Frame C72F 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=dailyvoice.com&GDPR_v2=&pubid=dailyvoice
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 24 Jan 2022 18:47:37 GMT
ct
ap.lijit.com/data/ Frame C72F 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_556326_b5cb108b649b47099ac97c7e122cb48a&zoneid=556326&cid=18&geo=DE&all_tags=590%2C604&tss=1277&fired_tags=590&count=1&status=1%2C8&elapsed_ms=1277
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
t.dhj
pxdrop.lijit.com/1/d/ Frame D6C6 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=dailyvoice.com&GDPR_v2=&pubid=dailyvoice
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 24 Jan 2022 18:47:37 GMT
ct
ap.lijit.com/data/ Frame D6C6 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_556329_a1c7ba82a6e548429188f64b203c9ea6&zoneid=556329&cid=18&geo=DE&all_tags=590%2C604&tss=1237&fired_tags=590&count=1&status=1%2C8&elapsed_ms=1237
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
map
ih.adscale.de/ Frame D652 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
88bc349ec115285c3c89adb1b097518bc66c09abf2d0b0d05b67ec777644f94f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
usersync
rtb.gumgum.com/ Frame 5466
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x3 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Expires
Mon, 24 Jan 2022 18:47:36 GMT
usersync
rtb.gumgum.com/ Frame 2CA1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
x-served-by
cache-hhn4076-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643050057.131430,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame EF89 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82MTAwMWViNy1kNDIyLTQzNTMtYjY1MC0yZDY0ZjVlYTc5MGE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 24 Jan 2022 18:47:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C70 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53791
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:37 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 5F0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 24 Jan 2022 18:47:36 GMT
usersync
rtb.gumgum.com/ Frame B9B7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame FE77
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 24 Jan 2022 18:47:37 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame F929 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame D1E9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YUAAJyTHJYAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YUAAJyTHJYAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YUAAJyTHJYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
8
X-SO-HostName
a-ad40262.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":54,"gdpr":true,"ipv4":"0.0.0.0","key":"Ye70ScCo8YUAAJyTHJYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40262"}
X-SO-Key
Ye70ScCo8YUAAJyTHJYAAAAA
X-SO-IP
84.19.175.184
X-SO-Cluster-ID
54
X-SO-Upstream-ID
a-ad40262
usersync
rtb.gumgum.com/ Frame 3FD2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT Mon, 24 Jan 2022 18:47:37 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 7D03
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Expires
Mon, 24 Jan 2022 18:47:36 GMT
usersync
rtb.gumgum.com/ Frame 8D13
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
x-served-by
cache-hhn4076-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643050057.152857,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1A32 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OGQzMjVlMC05YmFlLTQ4NDYtOGFiYS1mMDQ4NzA5MGRhNWI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 24 Jan 2022 18:47:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 37A6 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53791
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:37 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 9002 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 24 Jan 2022 18:47:36 GMT
usersync
rtb.gumgum.com/ Frame 7D10
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame F585
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 24 Jan 2022 18:47:37 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame 6CB7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 650D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YIAAAZ6DxgAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YIAAAZ6DxgAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8YIAAAZ6DxgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
3
X-SO-HostName
a-ad40045.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":52,"gdpr":true,"ipv4":"0.0.0.0","key":"Ye70ScCo8YIAAAZ6DxgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40045"}
X-SO-Key
Ye70ScCo8YIAAAZ6DxgAAAAA
X-SO-IP
84.19.175.184
X-SO-Cluster-ID
52
X-SO-Upstream-ID
a-ad40045
usersync
rtb.gumgum.com/ Frame 609C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT Mon, 24 Jan 2022 18:47:37 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY0MmA1MDA1NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA2OTtkJaN0YT0jJat9NmAjJax9NDp2JaZcZF9jYXNmRG9gYWyhPWRunWk5qz9cY2UhY29gJaN1YxyxPWRunWk5qz9cY2UhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw04NC4kOS4kNmUhMTt0JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx3LwAhNDY5Mv43MSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFyZWY0NDY4MGQkOCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQmMDUjMDU3MTQkJaVcZD1TZWgcozRiU1BfYXyypwYkZWVzNDQ2OTNuMmEzpHVvVXJfPWu0qHBmJTNBJTJGJTJGZGFcoHy2o2ywZS5wo20yMxZhZXpgrW9lnlUlRzJyZGZipzQyMxZhZXqmJTJGoWVlpzyfoC1frW5wnC1znXJypl1zYWylZzyyoGQgY291oaR5LW1uov1wnGFlZ2VxLWFzqGVlLXNgo290nGyyLXNbo3AgqGylYWRyLXJypG9lqC1mYXymJTJGODI0NTE2JTJGJzZfo2F0U3RuqHVmPXRlqWUzZWyxp3A9pHJyYzyx
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:36 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
usersync
rtb.gumgum.com/ Frame 965B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Expires
Mon, 24 Jan 2022 18:47:36 GMT
usersync
rtb.gumgum.com/ Frame E436
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
x-served-by
cache-hhn4076-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643050057.167664,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 35F5 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82NWQ0ZTRhNi0xNTM3LTQwODYtOTQ0NS0xYWRmODg4ODA4YjQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 24 Jan 2022 18:47:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6FC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53791
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:37 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame E351 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 24 Jan 2022 18:47:36 GMT
usersync
rtb.gumgum.com/ Frame 9235
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=45b3f819-9c1d-422e-b008-efa913aeeeb1&t=1645642057
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 0B8F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 24 Jan 2022 18:47:37 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame 18A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 24 Jan 2022 18:47:36 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 2BA5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8XwAAOffDK0AAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8XwAAOffDK0AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Ye70ScCo8XwAAOffDK0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
114
X-SO-HostName
a-ad40023.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":48,"gdpr":true,"ipv4":"0.0.0.0","key":"Ye70ScCo8XwAAOffDK0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40023"}
X-SO-Key
Ye70ScCo8XwAAOffDK0AAAAA
X-SO-IP
84.19.175.184
X-SO-Cluster-ID
48
X-SO-Upstream-ID
a-ad40023
usersync
rtb.gumgum.com/ Frame 1BB8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 24 Jan 2022 18:47:37 GMT Mon, 24 Jan 2022 18:47:37 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=FRueQIBMNWQuSIDOkLqP&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
request_content.php
hal90009.redintelligence.net/ Frame 0990 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=51589900225339903912182011849009&a=870a97fa
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b665ec282934ddbcdeac35ef0629e1da06b03da3c2e78f6eca226b9be6cc5e7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 24 Jan 2022 18:47:37 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2315
Connection
close
Content-Type
text/html; charset=utf-8
iframe
sync.mathtag.com/sync/ Frame 2FBA 		629 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=d94061ee-f447-4000-9c05-557f1997fead&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0 /
Resource Hash
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Type
text/html
Connection
close
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Mon, 24 Jan 2022 18:47:36 GMT
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 15CC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
img
sync.mathtag.com/misc/ Frame 2B06 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT
GS.d
js.cookieless-data.com/ Frame 7FEA 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1643050057486
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.12 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-12.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame DBCC 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DBCC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DBCC 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2791918878648380&correlator=3718065118639942&output=ldjh&impl=fif&eid=31064231%2C44752541&vrg=2022011410&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=102766797%3A33043040%2Cnobid%2Cdailyvoice%2Cdailyvoice-pb&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=_bdrid%3D607%26_pl%3D0.01%26_cp%3D0.02%26_bdid%3D6ba5a0d99c39f00b866fc87e87455b1a661c2f34__3%26_exc%3D0%26_chnl%3Dweb%26_catchall%3Dtrue&eri=4&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&bc=31&abxe=1&dt=1643050057537&dlt=1643050055706&idt=1474&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=650&adys=3033&adks=3653108709&ucis=m4cfdrhkvr95&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=2&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&top=dailyvoice.com&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=721916924&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e421a015c184f4f39b937dad972c00ca2c6a2f245a99d2bfb82316030801b504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10792
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DBCC 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011410&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e70bbd7295f985d05265a416b064f3e9a852b2d1662ec39f7c3d032ee0c86b6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8962
x-xss-protection
0
container.html
54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A46 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 24 Jan 2022 18:47:37 GMT
expires
Tue, 24 Jan 2023 18:47:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
any
idx.liadm.com/idex/unknown/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/any?duid=6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00ex.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.140.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-140-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://dailyvoice.com
Date
Mon, 24 Jan 2022 18:47:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
envelope
api.rlcdn.com/api/identity/ 		44 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1434
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://dailyvoice.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
usync.html
eus.rubiconproject.com/ Frame ED4A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 2EF2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13410438
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:37 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
sync.html
public.servenobid.com/ Frame 4CBF 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges
bytes
etag
"32347ab14bd5257f1f3d2e210ba82276"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
53BErDP6RIAzaj3IEAFG0PfhZImAYwl3RQf9Mta9aLOypYiXC+nwnIaqEP/P0uohApdrYLTH7KU=
x-amz-request-id
FSVEEVFEN87A19H0
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield
0OKbtYQAAAADBXTfMvRSRT5yuv5C2Qf0eQU1TMDRFREdFMTgxMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0SfTuYQAAAACZZDoRGPUbRYnRYzhSsIU0RlJBRURHRTEwMTgAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Mon, 24 Jan 2022 18:47:37 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 3F6E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 24 Jan 2022 18:47:37 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame 14CE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUR0N35X&prvid=29%2C2034%2C2033%2C173%2C251%2C175%2C178%2C3018%2C3017%2C3016%2C214%2C159%2C237%2C117%2C70%2C97%2C99%2C77%2C3012%2C3010%2C182%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C80%2C10000%2C9%2C229%2C108%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
670d69d07ddde86002ffaca162ff65caf9f30687ed7da76512cd4da8e489561c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 26 Jan 2022 18:47:37 GMT
date
Mon, 24 Jan 2022 18:47:37 GMT
content-length
8126
sync
pre.ads.justpremium.com/v/1.0/t/ Frame D140 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a8g0fvl1643050054292
Requested by
Host: daily-voice-res.cloudinary.com
URL: https://daily-voice-res.cloudinary.com/raw/upload/v1640915222/static/Prebid6.5.0_20211230.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6333d39495e6e3b83223e6ed453ab41917b7350105f70c03e53d5e426a7104e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E6E7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=KYT1KVKK-6-FUJ0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ Frame 792D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 792D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 792D 		439 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007220524383775&correlator=196352319311918&output=ldjh&impl=fif&eid=31064231&vrg=2022011410&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=102766797%3A33043040%2Cnobid%2Cdailyvoice%2Cdailyvoice-pb&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&prev_scp=_bdrid%3D607%26_pl%3D0.01%26_cp%3D0.02%26_bdid%3Dc2e98f41545c71f4f2b3e7e7ca888fc0fadcf518__3%26_exc%3D0%26_chnl%3Dweb%26_catchall%3Dtrue&eri=4&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&bc=31&abxe=1&dt=1643050057594&dlt=1643050055735&idt=1490&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1196&adys=2408&adks=3649625763&ucis=668kgfe55gfv&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=2&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&top=dailyvoice.com&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x0&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=126950074&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d66c9dfae2d4713302d60bb7efa34585025a2d8ba49d8d0846e9845b90b98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 792D 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011410&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a97c949b91025f6f2c723bbfc1661341be9100bfac33add8864933d1f07b8720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
container.html
f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51DC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 24 Jan 2022 18:47:37 GMT
expires
Tue, 24 Jan 2023 18:47:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 4853 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4853 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4853 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=650256725040585&correlator=577027676906716&output=ldjh&impl=fif&eid=31061815%2C31064236%2C31064239%2C21065724&vrg=2022011410&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220124&iu_parts=102766797%3A33043040%2Cnobid%2Cdailyvoice%2Cdailyvoice-pb&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=_bdrid%3D607%26_pl%3D0.01%26_cp%3D0.02%26_bdid%3Da92f94911d3c007d778ffa024be60f1d6e165a78__3%26_exc%3D0%26_chnl%3Dweb%26_catchall%3Dtrue&eri=4&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&bc=31&abxe=1&dt=1643050057630&dlt=1643050055745&idt=1529&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1110&adks=1452319888&ucis=xnx9hyavyj67&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=2&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&top=dailyvoice.com&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1852932188&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064239
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
833b213d8617c9c05a79164da75798ae2a75dae69084072e5b0b3997a96c2625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10925
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyvoice.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4853 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011410&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011410.js?31064239
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b618224a84acc4ff1b913b24cd085da2b06a436e109a8d813beaab67fb638490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9057
x-xss-protection
0
container.html
e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 583C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 24 Jan 2022 18:47:37 GMT
expires
Tue, 24 Jan 2023 18:47:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
match.js
js.adscale.de/ Frame D652 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:f200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
6yxz9P1E1EbZLbgeFdU76eOhgQ9O.Cr2
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 03:53:43 GMT
server
AmazonS3
age
1291
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 71899bd3f76489e8a6e71cc77aaa6424.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 24 Jan 2022 18:26:07 GMT
x-amz-cf-pop
TXL50-P3
x-amz-cf-id
TOzJZ7jebTpPNFXrma5OOMon4UMMs2nAKx93BpXX-HgzmfVk_enW2w==
cookie.js
partner.googleadservices.com/gampad/ Frame 0A00 		12 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dailyvoice.com&callback=_gfp_s_&client=ca-pub-8953041492648340&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0A00 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0A00 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 07A9 		77 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5daaaad01b359c56d12e335b48c219e6db2c29f3c20f4430545fa4df743920d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 24 Jan 2022 18:47:38 GMT
server
cafe
content-length
30940
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame FE77 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17648
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
usync.js
eus.rubiconproject.com/ Frame F585 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17648
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
usync.js
eus.rubiconproject.com/ Frame 0B8F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17648
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
optout_check
beacon.krxd.net/ 		92 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.investingchannelinc.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5c96c1200380cebd1f06bab6766f28e58fa3c86ca2385b860945f7e0ef5c5db7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=42 t=1643050057
x-served-by
beacon-n013-dub-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		377 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=9427dd0d-835c-471c-a5db-ab01ae8a681c&technographics=1&callback=Krux.ns.investingchannelinc.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79c14dd0dce9b3bdf9d009aba5bce0d53b5ae24d2b557e03cc4c4cca811143dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a015-ash-prod.krxd.net, cache-hhn4055-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643050058.757333,VS0,VE102
content-length
285
x-cache-hits
0, 0
view
securepubads.g.doubleclick.net/pcs/ Frame C72F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFzVcE0wPGcE6sQyjiFWKKl17hlOUQaozTj6euLaMFNIbScoXslv_sbS7KQOAEIXOQ_pARzmG-6L5_KvNX4vkAliY82SNnK16VHi139OT3KIPunsOzhv_jmoyIfRywhtY0fmnNMykZMWScTYrXyG9ep6wvIh_n2jkRCdiryZdsY3ncXbzGVxKgU4hMzTuNvSApMT2U67YKRjY3XuEr9n9n8A-H3UrXwH-HiXJgQFl_aNPMzzFqJbbk9cafixvaRx3d1DwoYsYQ69k0kQBudqDn6og-gYIbTNqmiwRai3wVU8O6FCz9yHdNlT1Y0Q&sai=AMfl-YTW-Uxelqm8nSGgLnZ0sXgq7zIzzFAZEnaJ2zZNRL34Fw77adOIfFQmG69ot_g5tpRhMlDftvx_1e5mjPRg6myfzJgJ4R015Bcn7J1H0GJ7VOjc__DJ3fBQuJihkdo&sig=Cg0ArKJSzNQLBtb3CgLiEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D6C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEd7M89VDw-tZMm5g0iPZIifqZ7PMj9JEO2gGkKwS8Z6gNQNuvD_bnPXC_Scvvd_5DcKo5St7Hjbosy1r-4qbPbeZ8Lfer1NjVxNMJp7K2YHYRb9hBYBc5pCxp-1rf4Og3EEybre6TrN11JIAkgVjnZMsCqgaeNUkms2TkxtXxNxex6GcAkBx6491Wc-J75zDVhTnTJzWfkpyCYFG8Qo0U6bbQYHMlGgujlInmAx4QlFf7IDXtsVHXIM7zWLw3uxjZhuYkNh4d5sBNyZ8JvpL3qEo1l6HaQsThCKxZJxBdEK8QPCycQ2-17rIUKr_7&sai=AMfl-YQZFh05t32wrzBxBUUDbw8wCESHMfdVfjTrE8hH0os6b_DQT3fbncvfUNbT2qKOFmf5NI0MiGhdXHI9tAFnUluEy5jY-M6LMHVR9e3KtungxmOe-H7wBWw-647ckRE&sig=Cg0ArKJSzJpx_FWeYqiIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:37 GMT
usync.js
eus.rubiconproject.com/ Frame 15CC 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17648
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
v1
ads.yahoo.com/cms/ Frame E6E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYT1KVKK-6-FUJ0&sigv=1&esig=2~449c6f8be1eda91639989c50cac9cb1934c21d26
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYT1KVKK-6-FUJ0&sigv=1&esig=2~449c6f8be1eda91639989c50cac9cb1934c21d26
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYT1KVKK-6-FUJ0&sigv=1&esig=2~449c6f8be1eda91639989c50cac9cb1934c21d26
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E6E7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ye70SAABBy83WABH
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ye70SAABBy83WABH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643050058.806619,VS0,VE0
x-served-by
cache-hhn4076-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Ye70SAABBy83WABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame E6E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sync.php
pixel.rubiconproject.com/exchange/ Frame E6E7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame E6E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E6E7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjJjZGRhMDJiNDBkMTQyNjQ0ZGM4ZmVlZmFlMDM2OTJiOTdhZjA5Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjJjZGRhMDJiNDBkMTQyNjQ0ZGM4ZmVlZmFlMDM2OTJiOTdhZjA5Zg
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjJjZGRhMDJiNDBkMTQyNjQ0ZGM4ZmVlZmFlMDM2OTJiOTdhZjA5Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E6E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPcjW2VgTkYaevHNpIfJ2aI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPcjW2VgTkYaevHNpIfJ2aI&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPcjW2VgTkYaevHNpIfJ2aI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E6E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d94061ee-f447-4000-9c05-557f1997fead&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d94061ee-f447-4000-9c05-557f1997fead&expires=28
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d94061ee-f447-4000-9c05-557f1997fead&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:36 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame C72F 		12 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dailyvoice.com&callback=_gfp_s_&client=ca-pub-8953041492648340&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame C72F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C72F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 064F 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b6f9514a04947565ca6b84a1f07540cfc6263251aa97c1506f6dcbd1ec4e92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 24 Jan 2022 18:47:38 GMT
server
cafe
content-length
9957
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame C72F 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8953041492648340&plah=dailyvoice.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
034cd31fad97b05dfdf2498f3e3cf0cfc9ff03294fcc90b740a1913ae9e4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9049
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 0990 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=51589900225339903912182011849009&a=870a97fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 10:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jan 2023 10:00:39 GMT
/
track.adform.net/adfscript/ Frame 0990 		745 B
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=52612369;click=https%3A%2F%2Fhal90009.redintelligence.net%2Fc%2Fpxlyzh1ievmsxx8%3Ftprde%3D
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=51589900225339903912182011849009&a=870a97fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d9a6cc51fa8f524e3aee0e966195f6e480d398c53279ad0d715980a4479e261f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
548
expires
-1
cookie.js
partner.googleadservices.com/gampad/ Frame D6C6 		12 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dailyvoice.com&callback=_gfp_s_&client=ca-pub-8953041492648340&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame D6C6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D6C6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 873F 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84bd70f6da705a72a7d500523919032c24c42fe231841f24c54934f4322a7774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 24 Jan 2022 18:47:38 GMT
server
cafe
content-length
9951
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame D6C6 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8953041492648340&plah=dailyvoice.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5df945a902604ec4143b0149e5498328e26c8cd81993c8c6405a03ee629566d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9245
x-xss-protection
0
img
ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/ Frame D652
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=8bdee77727124e4e90d642231474edb2&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=101&tpuid=BBID-01-03177640579542809-16507512
49 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=101&tpuid=BBID-01-03177640579542809-16507512
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=101&tpuid=BBID-01-03177640579542809-16507512
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DBCC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:40 GMT
usync.js
eus.rubiconproject.com/ Frame ED4A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17648
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 792D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4853 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:40 GMT
ptrack
a.audrte.com/ Frame 9532 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=84.19.175.184&p=M1353665098&artime=2022-01-24T18:47:37.886Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-81-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f01fab299ee1d80bc609045b12747430985784847d8346a86d2fb6f911e23ffa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
img
sync.mathtag.com/misc/ Frame 2FBA 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d94061ee-f447-4000-9c05-557f1997fead&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x31 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=d94061ee-f447-4000-9c05-557f1997fead&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:37 GMT
Server
MT3 4133 baa842e master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022111152338000/ Frame 7641 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55512
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"211febc96caa9486"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 7641 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 7641 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 7641 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 7641 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
truncated
/ Frame 7641 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
805df0b51ae7dee7dd6651977d06de22943aae520cd34cedae993580a72e701e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
3930313291439706633
tpc.googlesyndication.com/daca_images/simgad/ Frame 7641 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3930313291439706633
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd19376ba416f42cce055b7ceed17fbfc1455af1d172a3d67fea16f0ca83662d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:01:10 GMT
x-content-type-options
nosniff
age
560788
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44660
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 06:15:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Jan 2023 07:01:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7641 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
81142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 24 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7641 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
47044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 25 Jan 2022 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame 7641 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZVroBj49KGot5Hdb7ggUez9jPCQI2007iqQWm0_jEebTOwNi_0KLDd8U56yuHuiqnT4Wi
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7641 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgtcaSfTuYfHyI7qClQf95IzYBpa678xnzfXv0ZUP29keEAEghrPwI2CVmqCCsAegAYbvq5UCyAEC4AIAqAMByAMIqgSDA0_QC3Lk7Qy136yZ5fY-cw4BU-7Z45gLj1alFrWuKvz4Z_73XZreH6XABjyUqO6-jxhDeMMERKzWDSNI_yWceMWT7q24zZs4dZL9gxvh0yCL_epsdty4eMs0GvZw7JrFKHwuxXz8wjTHpGYu1VNjhZPITTbEc2zmIMw4J4NkGhfTfEveHhQffn0RFuLAVRZFZd9nNvAHjLXWo1ZPGheJlPEXXd6tE2EcC1BTmJP54ipnkqJI5COte2EE-_bFpst0jaFUkQ4YS3oQM2rFjj_ypOlHleo7s-4RRdgHfQRq1xe5CBj1E_w4wNeteqyt3LRYuQT9ofSAKJIy-9lHlG67rso8Rsaw_qr-MLT-yf-FjxCgb1QTpOZsFpltnDpWOWEm8WRUeCipLk5JwhR4nSaO5CeHR0b4eGuAYwJuZKvi9d5b-UGLH_fSQf-KcrGTAArbcTiRKCWn0CgFhV--t7p0-3wTVmQpIrxcWDx6SK-56SECu8VCgcSnep17CQZrbRks35Y1oMAEn4bZ3NoD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-KQ1OoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQgesB0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi0xMDI1OTM4NDc3NDI2MzcxgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTE4MzU0ODk0NzM5OTIzNDcYlaca&sigh=leQSelHhCSE&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
13926
g2.gumgum.com/usync/ Frame AFA1 		2 KB
846 B 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1b5612d4f3e7cbe78786d1a4ce15a5ac0c90fb5d3dd80dcd85653c8cc2a0ddab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"029d865f1b35c652ac13a81590450ab82"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 6E13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 24 Jan 2022 18:47:37 GMT
/
onetag-sys.com/usync/ Frame 379F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D429 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ce31d5b4fc6d2c8f1279c4111065f5dbb52a4c665580b0fbaa1fe56cccbe8166

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-type
text/html
content-length
1051
sync
ads.servenobid.com/ Frame 4CBF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.26%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6640133194
  • https://sync.1rx.io/usersync3/centro/2069.26/no-consent?zcc=0&sspret=1&rndcb=6640133194
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX935c60d0aa294a4ab0a57d2ce8e47555003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame 4CBF 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B820 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
280cdbb75a8cb2f070c7963d77702661ac86ec4ecede64b471e678a10cb18591

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|88|8|57|195|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
1618
Connection
keep-alive
sync
ads.servenobid.com/ Frame 4CBF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d7b964b7-a014-4631-9c28-f4b17a5e2b48
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=8766712360259569763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 4CBF
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=c13524b18ed67fd5a6e30906
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 4CBF
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420190490776
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 4CBF 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 4CBF
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=6764a67a-1b7c-42d7-9023-5e262667614a&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 4CBF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
date
Mon, 24 Jan 2022 18:47:38 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame BE2A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7c8f2079299c76d7aef168d979ac8e915d3a462ee4869a8f7d03f9a9dc9a83b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|88|31|40|221|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
1589
Connection
keep-alive
jp
rtb.gumgum.com/usync/ Frame 4949 		821 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a8g0fvl1643050054292
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
171ec5455c29848892e628ff73f4ef99efc29200608fcc247a87e037129ef211

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pre.ads.justpremium.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
text/html;charset=UTF-8
server
nginx
etag
W/"0d64935428e28634f0fa2d8a82accbd87"
timing-allow-origin
*
content-encoding
gzip
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C72F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:40 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022111152338000/ Frame 16F6 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55512
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"211febc96caa9486"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 16F6 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 16F6 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 16F6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 16F6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022111152338000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Mon, 24 Jan 2022 11:25:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Jan 2023 11:25:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 16F6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
81142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 24 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 16F6 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
47044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 25 Jan 2022 05:43:34 GMT
truncated
/ Frame 16F6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c45d30453a6e1b912d06f041d3d4b4fcaf7c28681e05b2ef078fd0f9668b0c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
17177235262227185398
tpc.googlesyndication.com/daca_images/simgad/ Frame 16F6 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17177235262227185398
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cf7a2f0cea0aa064b6f4a29423e0a4f25ff2da874f29b44bf381a0009e898a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 20:13:07 GMT
x-content-type-options
nosniff
age
426871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28882
x-xss-protection
0
last-modified
Sat, 15 May 2021 06:42:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Jan 2023 20:13:07 GMT
l
www.google.com/ads/measurement/ Frame 16F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3Qy8-hYWPdIH8dPyWFDJOsYm5fZD1oQOd9z5uSNroGFZGBvmoiI8A8OUHFpxXSqD14y3H
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 16F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTUB_SfTuYeP8KrGI9u8P-46UOIm-k-5nkaec2MUP29keEAEghrPwI2CVmqCCsAegAaXjhdkDyAEC4AIAqAMByAMIqgSHA0_QRRvcsO74F5yesmM8emIlOLYYlEj-oUZFcNsxZnQOwUgGGwzGNggTAXAlkJre8Jn0EJzC_CjOvywIaBl09Bc1EEAjoiTvRZUChtAvZM2JtM5SQikzrff88ppH4uQ5DO2XEcaE1ayK3kpmJnxHsQ9Z2a1PTDpsKuYw6ll6kOz3LdcMfoaSpvPuRlTM8WujmYh1SzTuQKkd4K9C4g1_C5rYWO-wq7pdmcPwE3juTeJi9XfiSqV3_cVtAacX0ER2i9MhBMnsn1Do_xuxuMAnDkCA0RQx8B9BUvh0qA373jZ1O8-kh1op1v-Zqen-rxDMOg1vh8l8sTw_XV1rzjiD0MG_4UVA-gUReXsEjnwAKiD__4TPFJJ1aCqaowOw0-8hM7ggXfcY4DBv0fCVZ-GCwoM5gc51PxJ649pq8yJWFICtQag4EbVyG6TFHwkYhtXlnmlFgSKz1-m3wqJXKsy5t6hmG3c5s_2qxm-d3CVcdpmEwoqpJu2QoulC9K5XAEZMErH9sXlkPxDABOSxvc7lA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeCla9-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8_YC0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi0xMDI1OTM4NDc3NDI2MzcxgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTE4MzU0ODk0NzM5OTIzNDcYlaca&sigh=a5YM1ZR7AQY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sync.php
pixel.rubiconproject.com/exchange/ Frame FE77 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KYT1KVKK-6-FUJ0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D6C6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:40 GMT
viewability
hal90009.redintelligence.net/ Frame 0990 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=51589900225339903912182011849009&a=8cc13e9a&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=51589900225339903912182011849009&a=870a97fa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=51589900225339903912182011849009&a=870a97fa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 0990 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52612369;click=https%3A%2F%2Fhal90009.redintelligence.net%2Fc%2Fpxlyzh1ievmsxx8%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 25 Jan 2022 22:26:15 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 24 Jan 2022 18:47:38 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://dailyvoice.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame 20A3 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
X-SpotX-Timing-Transform
0.001164
X-SpotX-Timing-SpotMarket
0.007334
X-SpotX-Timing-Page-Mux
0.000270
X-SpotX-Timing-Page-Require
0.000451
X-fe
107
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.016214
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.001387
Last-Modified
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007334
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://dailyvoice.com
X-SpotX-Timing-Page-Misc
0.005570
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 20A3 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%229ee0aa650f6cb8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221030f43bee6b614%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22dfp_ad_unit_code%22%3A%22%2F106981%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A2.6%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22864%22%2C%22hp%22%3A1%2C%22rid%22%3A%227b8454f1-e235-4b9d-81e5-3e84b4cbcd61%22%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2227975%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52ae89de9e85bbe5d5cdab996d82ebeb4d7c72260fe443f5c1a62401e7f4e4bd

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.184], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 24 Jan 2022 18:47:38 GMT
avjp
primis-d.openx.net/v/1.0/ Frame 20A3 		106 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5f82fc0d-7ff9-4971-92f3-73eb87e8968b&nocache=1643050058265&gdpr_consent=&gdpr=1&schain=1.0%2C1!freestar.com%2C864%2C1%2C7b8454f1-e235-4b9d-81e5-3e84b4cbcd61%2C%2C!primis.tech%2C27975%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=400&vht=225&aucs=adUnit_12&aumfs=2600
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://dailyvoice.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 20A3 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 20A3 		173 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.173.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-173-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
82b52216a0aaa00f8d9b0724b4c6d9a63b503a80ec5c690e8ee3903efcf92a8f

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
openrtb
adx.adform.net/adx/ Frame 20A3 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 20A3 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 20A3 		67 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1643050058270&pKey=712619000&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fdailyvoice.com%2F&playerSize=400x225&schain=1.0%2C1!freestar.com%2C864%2C1%2C7b8454f1-e235-4b9d-81e5-3e84b4cbcd61%2C%2C!primis.tech%2C27975%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1643050058291050-391
Expires
Mon, 24 Jan 2022 18:47:38 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwQmMDUjMDU0JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTMmOTtjNmtzrD00MDAzrT0lMwUzoXN0YT0kNwI3MmE4NCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWRunWk5qz9cY2UhY29gJaN1YxyxPWRunWk5qz9cY2UhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw04NC4kOS4kNmUhMTt0JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx3LwAhNDY5Mv43MSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFyZWY0NDY4MGQkOCZlqz49JHgWUF9SVx5sTUFDUx99JzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDMjNTAjNTtlNTpzqWyxPVNyn2yhZG9TUGkurWVlNwFyZWY0NDY5M2EmMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1jpzVvnWQ=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
p
a.audrte.com/ Frame 9532
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=&google_gid=CAESEAIqfYBU0mCrzslnuqeEG_0&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Server
54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-81-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 9532
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6472559499329098849
  • https://ps.eyeota.net/match?bid=kh51m51&uid=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 9532 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=f73ZBw6bgXbSXuzOl1phEr2EQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
w_480_00002.ts
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		356 KB
357 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3f790071fb900cd1064b7f24e165f20a479b7482a502af24b6a9a884bce1f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 94a519c8a0bf381244e89215b16b0952.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
364532
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"02a425e61c531cb5f37afe0c7952b41d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
lkzqJs854FWwWg98BqVhHas_vq85x8cvPm3b0XRC__maYTWIlMYGBQ==
expires
Mon, 07 Feb 2022 18:47:38 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame D652
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=a7de7796f2d63934349e1618b...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Ye70RiWLROK0s22WR3QvzgAA%261108
49 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Ye70RiWLROK0s22WR3QvzgAA%261108
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Ye70RiWLROK0s22WR3QvzgAA%261108
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 24 Jan 2022 18:47:38 GMT
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=womptv2nm&_kpid=9427dd0d-835c-471c-a5db-ab01ae8a681c&_kcp_s=Freestar&_kcp_d=dailyvoice.com&_knifr=28&_kua_kx_tz=0&geo_country=de&geo_region=ni&geo_dma=276001&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=ni&_kua_kx_geo_dma=276001&_kpa_url_path_1=new-york&_kpa_url_path_2=bedford&_kpa_url_path_3=news&_kpa_domain=dailyvoice.com&t_navigation_type=0&t_dns=17&t_tcp=203&t_http_request=-1&t_http_response=196&t_content_ready=1695&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w2vlh9b0w&_kurl_=https%3A%2F%2Fdailyvoice.com%2Fconnecticut%2Fbrookfield%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&userdata_user=OnwtAraO%2Cw2vlh9b0w&sview=1&kplt0=39860&kplt1=47346&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F9427dd0d-835c-471c-a5db-ab01ae8a681c%2C398%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C447%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C492
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1643050058
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame D429 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4355392426661488491&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame D429
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_61eef44a55c11&gdpr=0&gdpr_consent=
43 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_61eef44a55c11&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_61eef44a55c11&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
/
rtb-csync.smartadserver.com/redir/ Frame D429
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=VrBUIL_JmK8zKB5nloeY&gdpr=0
43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=VrBUIL_JmK8zKB5nloeY&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=116&partneruserid=VrBUIL_JmK8zKB5nloeY&gdpr=0
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
140
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame D429
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDM1NTM5MjQyNjY2MTQ4ODQ5MQ==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame D429
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0&gdpr_consent=
43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1163659
content-length
0
expires
Mon, 24 Jan 2022 00:00:00 GMT
services
sync.technoratimedia.com/ Frame AFA1 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
35478578
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame AFA1 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame AFA1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=VrBUIL_JmK8zKB5nloeY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTSIJKUSTC7JJWUWOD2JNBDK3TMN5SVSJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=VrBUIL_JmK8zKB5nloeY&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame AFA1
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1506%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4723330714
  • https://sync.1rx.io/usersync3/appnexus/1506/8766712360259569763?zcc=0&sspret=1&rndcb=4723330714
  • https://sync.targeting.unrulymedia.com/csync/RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
date
Mon, 24 Jan 2022 18:47:39 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX935c60d0aa294a4ab0a57d2ce8e47555003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame AFA1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-length
0
sync
ads.servenobid.com/ Frame AFA1 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_65d4e4a6-1537-4086-9445-1adf888808b4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
services
sync.technoratimedia.com/ Frame 4949 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
79750374
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 4949 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:37 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 4949
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_65d4e4a6-1537-4086-9445-1adf888808b4&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=VrBUIL_JmK8zKB5nloeY&gdpr=1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=VrBUIL_JmK8zKB5nloeY&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Protocol
H2
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=VrBUIL_JmK8zKB5nloeY&gdpr=1
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
98
Content-Type
text/html; charset=utf-8
Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B820 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ye70RiWLROK0s22WR3QvzgAABFQAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:6948:8012:aae3:d8b9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame B820 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame B820 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame B820 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643050058.407876,VS0,VE90
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame B820
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b85e455b-edd0-4a82-836c-b3822ec13f6f&expiration=1674586058
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b85e455b-edd0-4a82-836c-b3822ec13f6f&expiration=1674586058
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b85e455b-edd0-4a82-836c-b3822ec13f6f&expiration=1674586058
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B820
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame B820
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1c9118a5-c7cb-4203-96da-b240346a9c05
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1c9118a5-c7cb-4203-96da-b240346a9c05
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1c9118a5-c7cb-4203-96da-b240346a9c05
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Apache-Coyote/1.1
content-length
0
noop
px.owneriq.net/ Frame B820
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6963364581423386183&uid=Q6963364581423386183&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame B820 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
getuid
secure.adnxs.com/ Frame BE2A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BE2A 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ye70RiWLROK0s22WR3QvzgAABFQAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:6948:8012:aae3:d8b9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame BE2A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7745894741315734165
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame BE2A 		85 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643050058.408065,VS0,VE93
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
noop
px.owneriq.net/ Frame BE2A
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6963364581884121236&uid=Q6963364581884121236&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
tpid=Ye70RiWLROK0s22WR3QvzgAA%261108
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame BE2A 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=Ye70RiWLROK0s22WR3QvzgAA%261108?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.135
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame BE2A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420190490776
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BE2A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ye70RiWLROK0s22WR3QvzgAA%261108
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1630
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 19:14:48 GMT
usync.html
eus.rubiconproject.com/ Frame DB83
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 24 Jan 2022 18:47:38 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame 5EF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Mon, 24 Jan 2022 18:47:37 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame E2CB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8XwAAOffDL4AAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8XwAAOffDL4AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8XwAAOffDL4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
7
X-SO-HostName
m-ad251.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":59,"gdpr":true,"ipv4":"0.0.0.0","key":"Ye70SsCo8XwAAOffDL4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad251"}
X-SO-Key
Ye70SsCo8XwAAOffDL4AAAAA
X-SO-IP
84.19.175.184
X-SO-Cluster-ID
59
X-SO-Upstream-ID
m-ad251
pixel
cm.g.doubleclick.net/ Frame 8A27 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82NWQ0ZTRhNi0xNTM3LTQwODYtOTQ0NS0xYWRmODg4ODA4YjQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Mon, 24 Jan 2022 18:47:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8661 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53790
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:38 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 5A6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 24 Jan 2022 18:47:38 GMT
usync.html
eus.rubiconproject.com/ Frame 82AB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=gumgum
date
Mon, 24 Jan 2022 18:47:38 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
um
cs.emxdgt.com/ Frame 3DD2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 24 Jan 2022 18:47:37 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame D033
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8YUAAJyTHKAAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8YUAAJyTHKAAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-2eca3dc4-7e62-4840-b5d0-b11220868846-29095-126586333%26ex_uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&us_privacy=&limit=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=Ye70SsCo8YUAAJyTHKAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
a-ad40047.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":58,"gdpr":true,"ipv4":"0.0.0.0","key":"Ye70SsCo8YUAAJyTHKAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40047"}
X-SO-Key
Ye70SsCo8YUAAJyTHKAAAAAA
X-SO-IP
84.19.175.184
X-SO-Cluster-ID
58
X-SO-Upstream-ID
a-ad40047
cs&eq_cc=1
um2.eqads.com/um/ Frame 137F
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
545a7737afbc9bc7effa52aba3fc0e8b7ca4961b3fbe75db9b086aff8f734909

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 24 Jan 2022 18:47:38 GMT
pragma
no-cache

Redirect headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
13687057857317064637
tpc.googlesyndication.com/daca_images/simgad/ Frame 07A9 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13687057857317064637
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4027c861bf056eeeaebb88d79858e7b4ce06ad80751f70e8229df26b4c4b53fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 07:53:17 GMT
x-content-type-options
nosniff
age
384861
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96870
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 13:37:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 20 Jan 2023 07:53:17 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 07A9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:45:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 07A9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:46:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07A9 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 07A9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:08 GMT
l
www.google.com/ads/measurement/ Frame 07A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU9g3sQnZuLTGX5dY6C2X80FYXWJOHMmf7aED4RgFxBfq63hMtqcjBOhLljJmxx5RiT5bfluSQfYfv_JnXrrsJtQxs8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 07A9 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 00:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 00:21:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 873F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqG4gw6mxj8cv80owF8-7iiis9U_9WVZ6hvXzkokuVY0NUsSUEAP1d1f2wIQhljFecihMiQgvfIwUAgXwTW5dmKoUXbccNhqm-iIikFHzos6w5BEg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 873F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:46:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 873F 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 873F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:08 GMT
l
www.google.com/ads/measurement/ Frame 873F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUr7MuYjLi7jc1m7XctejP4RvmNui7S68G2Z6j_7ZThz0tdKL0lU3oYh2-G6HMql6EiodOYTA3KrWs8NPbZGbnzhwBgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYqs-Y8joFH4Pj_r6JmE-e3I2qCLP9RGN9PJJefX7wioepD5uVLq2V3EVCHaXPUOeG_eW5NvtIbR2_-wBShVVUCtvwvi0gL7EF7LVS620Axhf-YzI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 064F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:46:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 064F 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 064F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:47:08 GMT
l
www.google.com/ads/measurement/ Frame 064F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqP-sCdSPUjTWbZLINAMHF9R4ddy_Brr7dWxQE4EWphtH6CfAaG6OPzqkBtndNgJH-9SR18sbWtYkrezxCKN5E075ZuA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 07A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvOpGSfTuYbWRK66U9u8PtZ2r0AKIj9b9Z5i3xpOAD7Chsu-DAhABIIjktx9glQKgAYeDv_cDyAECqAMByAPJBKoE3gJP0OIfzE6NPFae6UjqyKSq6EaX9rvVgME-8yTBa8Vakns0B6q0EsO5P7y6WOOg8CkHBBjzpuk5fYBxp6TVUuIkZGCM_rjH2QRtws9sflBDQxPrB_zUkJA9R3ldJzs3NvU3RE5TPioKwN0a_DEZcMp6uOsyz21Qaw0m_N2yk-dRNYMq2sMaiaNkJqPVcAeNFtNFx84_F5xX-qRGBeO4BcvqmyrACAWr4kcAVhns4xSjbvLqP120xdGGZdc236hyy5UaE2qJAilzGGJ0ccF_M-Q0eD7-QCs3zp8ORF6Wk0zBQLhDJj2WVVSqEJ4sonrm6G30dRXQWn76GywxDOCxabiboaOsInKgfZW8NcfpzLm3hIhQ-30jinAoeUlmq7v8wc79Rw8MiX2P0TilST2uUozBwmC81cSSLiBfjnqZyVquRwcsORRoEKE5AhezYAPiwhxfKtPZRkopBXybOhiMqMAElLTy_O8DkgUECAQYAZIFBAgFGASgBgKAB9XMx4gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQnsYH0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTg5NTMwNDE0OTI2NDgzNDAYAA&sigh=s8a3eplbuaY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 24 Jan 2022 18:47:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 90CD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLaksb0BMAE&v=APEucNXDNnEha5Pn_swM9Poo0yCAHPP573FxV-99cDQwsgt3vNU9c8xLNv7cMC76pfOyxiG0lcyQtDHb_xgScaBs_cLUs0TC5QUptx-BtDQmUwhPYhzIV-Odx0b1IR4cgL0jUSVtrqiuzbipyGHElCCY58Q26yLn9AATTmr2DrYGWUnSdZjFBTI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 24 Jan 2022 18:47:38 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 873F 		74 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AysnEAN4zkNk4LlMsFLCNA5FLV2scrfDx4i_1UQMS7Mk2i4I_4WO9gK9oO7vElMO2eFfi6RJOzQV0hbVb9Kx97uy5Cv5C3MvHaOUkJPuFOwIET_kWF4sHaWRTfSg03SZlYdlBb6eGcu5DkNbYY694JY7LZmA&dbm_d=AKAmf-CvVIRzFEHJeBB8ln8NlZSl8gM2VNR2WCuFnIyGEsqz0R-IWqUmvlBD6x-S36w1FjfTgGkU7G0yyq36Ya4IXjxVpYxuRL567zKUtI04zNZ6UUnfjKvK4SfiQcwzp6L0HSGJc3DEyU1sXpWoIo0WzW9CpasB0qjz5esT3y--0GJPP9Qp9elw4zXJC4Dz41MLqMNJTZBI8kE8FaqlLPlp4nWvcVfADEiBEF5pNklz--e9EetiDE42WC05PfDzoPuvURQ7y7XRt_zizv66ERjIjOXxlOKYVRvNOKqhSnjfWMfGbqONrpGSFYen34V9tuFbgUNME68us9759EwkL798q8AY3AI0Lki6ORHWvLDLonZ2r-SiCfJpt5scz-bZLE4HB6V-ryK8xZ7RMyiw05EFeqpYUyKl8bx-GIaQ_8dr0Gx_qxrEXGbPbEwWVt88iDbDWkihn8e321EjKfNx0EOrVA2V6yPPNFaUTWBHnj3o4xlAJvxABVnBrVjTyOvxpV15gVfqb8LsU3s-OiKp_DbGbDp3Ib-PRrc7xk9P9jC7d6iuxgj_sFp1iKrl0T3duTl5Co4HXmLFaTqDpkWbztppe3AKokFS-DYEXZKaHHtgzIzsgsPaqYxd395WyMZEUDfmq6A49XlQWMwaoSz1RoEAVOoR1X1GtfO70eJbngJu5Qz170m0vPzSm8LnbTPCYd_MYE9iNllfl9NjGnC-g_Kr_TCTTXlPVbo9fSytNC049vcVR8zaqygQgo_vVqXajfaUNBKZ4pjHXo_7ELqYwvAyUIaxixMmKMULrPxifsRMbgIqQgseByDffQLHU026x8lmKgJmoyEhtM69zhU27wvh0ujUEh3jhxFhLt7jHBU2-3_CRJfXfG9_a5jGdXIzBm5kE3OU5_GJcgp7W01ig3nSM5cmw8rzLmHNMMmQcsMzv60oyNSDIk6TJgk_6bK8elghTvwFyYE4FU8o6EfisGRW9Q-4HL8XIJAXFX76lEhzjUglBB05-vAcFj7Irv8ErPB7QkCi5XP8DmDYN7McypILKezySFRr0Nxq12HVz18vVgMiBP4NyIDvnuToTGo27-gfN-qfRoyqUyz4uUfMzWbxkvhqCsmDt5dWM9RAlT9E32ZcBx0lx4E0AvTlLF1knrQ3xXR7H2tbQ_Hyn0YhKqAyxlrE-Xi_Gww4OWqkAvrkAt7clr2LDeukajpxR6h8Pdx5ts1UFaN1i8Fic8wYeSE6Jteu8lffZkhS-hFtagK3ZKN2D8MJ63TLO_-gwcFWv-BwozF7uVR6NzMlno_unZVeapmDguTz0eWcza-z2cnlVpxzWBLZHoBObwPOm9JaF2cbiPfpQncjHKZtAdyRJyZMSZcXn1p89lDAUGd295gMUFOyKCz7SJd2E1FRmdUSXW9Rhre64UWU8jj9OCysnvaOqw2e47ibunREWM8L69ZRDw3-hnAIcJUlYK6Rv3ZmVTUaHkjWRPg8ezuflBZTJjL4Yp1FXH_lyBZcwiooD8908nksg2BOZi1q1KFRyOYkQ3ZBZZvvN_yTwAuVnJoprxEDogKRswHmQyQ5EuE7PhcTH5L72AYx50MvETJAGYaRKqzUXhT5tZMMA4P_XSmYxWKwfsJ4CEznru83GQ1VuKWNBIXjdGgWfJ7PTMrIpTkLNvP1FrOIWVsOH5yyfosxCOqPYHqy3z8rAlQYx53Sn1_TuGOWZAZ-RpN3BzWyEZt4usJ35iOgzcIoXu0C3VNWsI9YODf3jgaaZe9VfMyucjIlmErK_YNP9ztnOrKmdcqoNHWs_FO2djw-6IsCMvaa8T6LWNr2UUlOwvqYITsuvmNTUe2o45giIyDSsD2TOcAYK765cerkN4-t8rH7IIJBznx14njRV7whX4s1Bj56qlt1Kfz2kTbnMjJISyax05WwVYo4S814-nLAxyOyb_ikYSYzyj6RLdY41BPOSeGhspZfDoQB4idDQ2hy_I9aqN_eMWI2tbmkI3Ss-vr99Jo1rFElcAHK9zcbuH878m-4vLD6g743PVcvk43X53JUnQRdY7PJQ0iVSN2lePqCwdZOTpYHap0u1WhkUvzsHP4rNlMCUCu3qVkl3WjKsvwHFXdL0yLZUreafBFFQAOl6ZNGAaMHYc12MKvfYr5tqvkGsBc0NDrtdn3olWQsen3T5aAN3ZXaQ3eucrLAubst6VTtbhXNvpcyW5bt_mGYH-nbnSSRL8C5Kp0Kbygp1oNiNw0FLDwxyebI0WaMVw8IVy1xlH_vzLhzjhlJSaSvrRc10enKiICnvZG4SuWJu4vRLvIrs9pvJZXluPhZSId_I1R7-ob7nBtknkBkb5Q0fOD2Jj-zFbGeLmqfknMN4Hc__x51iLiby1idB8X01Ee-iRrowu-NCZlVXLVaLgiSOwAjks4zvEKozqDiWLylU_1VDJ51alGzNb71ExCWqe2jEnr8CQjaBYlbODKTWiK3k6F9Bw_u9bkRHueHlt4rfMTl2Bg_5oDcyD6b9JPR0Al5Vz-1l6pAfDxVo2TT-KSrijeJ7uQ97PW8WoC5i7kVbCe1I3a5dlpcd_kWPbw_TInz9S_iwNniTyWQ-IdJgre6mmVdlwrD7ZH--a5LwF9In_-rsQ0Nj35rjx21_jkV_NufM32KiaJcBuX_60AW_xSAerx1G5vQYpPfikM8o_mnTsEdAcXePt51xWYORzkJf_pGrHbKf-NxOAkIaTx0_KKXtpEQfHGDMEsCvGbjcuirMEdKL7VWfRcGNW6D9PHPC8Q9Z6iZtGFHMei4AoEFdG55J2N-jXqMuzGUlvv_VMk5HbhV-M0Qw801CgSQCdSGqD0drnkslHjU7cKW1ao7cS9bYO4Uu1hTdk6s0MomW0u9ZlZtGkZo9myTu3HEzNLNTDOLyCRPlatojrseH58_3WmshaukKRvvoSeWUU2me_eRp_QF3hQ7COV4sNtEBPXoIURpXM9bTgp5erC079cerpBwpRg2BiwmDG2rdtSot-9aiZVR_iP9xq7EiSgUJdU7jwnluq9MJJL8dFaZm8MBc4-8YqyiKS8AEHeRLpqL8gJN_QRU3zEjAAlLdEeTRBF6fh8e-7fmCDf2BhtvIPOoXB7SDU1r6WfmsxZRdggj_mtpZ8aLm-e9JDKPottt7GcVnt8rNQdON32SIzqMwy3DWbHf4_rS7sr7ookB5rd6adOdVdV0SXQNKGYKn_7VPhcHKQf2-Kglfhfor2aec1RWflfbab94Egp1IXc8P38OhILJlfa7vzD2nS55UYjRs5EQ4mJBRdx8ZlLQ9Ae2CV-n_leIcPG5MVCmoMVhpZ8VNkI-gKrnLDhaumW_8bc4DgB9fFTthaUTaKAThATvG9CWrw&cid=CAASEuRo4DVX3bUJK0exNR8apqobow&rfl=2%2Chttps%253A%252F%252Fdailyvoice.com%242%2Chttps%253A%252F%252Fdailyvoice.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da5035453125b0f4503e87f5740cc86b2e303b5637b83a772538eae03b5d7d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CA73 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMyXsb0BMAE&v=APEucNUcDrTdE7TkBln7omVzEo1MCSBV5fifKaIQafOuKGm7p0DnhY_h-DuW3AQMt4qihAGLcc9ZltRYksNBND179ZSUR5peD8y_lmrAldGzfXJ5eULRoh63p2v5BuGuqQntztQHjCzfFVdNxmfZOG5wQGOkcfiDsPcGGPgWK_U663BJ20xmW2M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 24 Jan 2022 18:47:38 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 064F 		74 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQqSAgLJ_AXQjfM_epChucebk8brYTaA6MPm57zMRG9ql5gACVc4wFAR84L62DeOY86XlfX5xRGWRsJqTH5_wvmNbQcYw172fwBAEgGm7lEgV9_T8lohZMa1-EYeEFZINwxZV9ey8f_TWgGPPqXIvXkNPmFA&dbm_d=AKAmf-Cm_2O8pD61YGpFU5sD9qzJFHnFlEIQDfnHNTlVenS4xMOXAxwZaUSpCWBUmVu_Ffk2z0j43_vrjUBB5fsalruZGNkUqKScZMBMGI2e1FCKxDfpqtHN0e4n4zNWt8kkQVM6AU5ZEAvDzaL4MvVSRYL_3kwKQFkMlWlbZCeT4fvyeEk9EaGm6iIoCRDBYcjVLZ_0WXf93-QQkKVrB0gnXxCi23veoi19WVJwv4qPNL2yy63axuqlj_IU8k-CrEgIb-rUHXb3BxPdNpMqB2lVkBQdOFAzsoezGt2VKB6ChmVGivCFdapTtX2s2nTBWLWMyNInk8wQ4StOlDb36q5ioTy6crV37TWK3Dv8Z9WbRG2Bd_fgtmXxBWnE3DVGoqvq7G4iLfiyX21alCN1-eealgMEnqzHWzVC4VCCZLqhnk4sSa0xO0RvkP-TAPbGagvtb6cyhXi133zR5K9H4uk8HwmdtF-BRGGpcUmhoiIp24Qa5FPacv546sFDjqku_IWl9tQFVwyUTrni6YOe2C18r6vC1iow6SUS-mMZzo1YupOlP2DnISJzHAFDMK2vaagFsGnQX0lF36hBHo3DIUQWsf5liA873Qf1FBDOLL-7wA7aCeGVMwpbGI4-lZ2fHF1miTilxRgykDQnALuI3d5SR15akLvTzBQgJ9vSbdQJLz6E2N7p3aJ3V_-bE2-lBS9Pzs-ySaA9XHuWJX_O3Rj8WQqWVglV3XEXvmEvOarBLObUo3uU-P7IgEZwvn3YXEpYawC0rkSnjPo5qMj1Y2Of39PjT5_t9Rpg5BkAMyMPNBqfjkWs3DbdiuLGBIvCnGoGMWOJg8WBkHlDQbSTU_TBFiqL3AIez7Biw3TLJV_shkC3953KsTfrTsR-kyZFKs_ovvNfYV6ZwHwbMDigHFo-F4b3-9C-kWVXZ6jNcMwJz98zpKOnw-PSzhOGLGgeuy52mFvpCfUo-BTbgSeXpzS7w56ezWetckXHhw_f4-dkHqwL_mihJ48qjW8ki6Z1JlgmmjTpAJffBHhSi_aNIKaQgYk5nE1RqjebAUODsC-ASk1a-JE7X2N45rVMB-vuFQ7-3i-gnR_-tmJt3LtYHNgW35m_YExwIjl3O8mVh-zJyr5hl3mOzk464lUsdH_Wm5hEtbzys92BCSh7V6qBbBK3Jgp_SzMQGc8i201JTRk8scEtSwSVyHW4hyTRSwJYyqJTsuo4X8WXZcul6c7ImZyU_FchF19lpYUv0Y1uSrwsXP6UzMBpLtPhpD0-rGxLARBfoh4iX3wzbqSDA7okp-SMBibXtFtQgVR3rtDKwR-j7q4QOJgW1IZ0eUPsXuQeCNQk8wP1gYSmyCVz229V3vZJC_o1ihNRIsWqKS-h3TPh3DSTc4e3NgL6HlErrTeFPLRbxEdejFvDfgu9uAQAvUsu79ZNZTYYCSndBrQCgEw1WJIJwc48Q1nW9tElztIBQN0EMI8fIKyz5F-S0okCiRBJfBdEM6LKrsRQNTEpWwQmq4imokuZWrPaePSV3IEk_xBvK1GTqnca0E7vw-K-f9cf6KpsUjUG_HA04JTwU_TJcBkC5xRTkFcD7W_JSvXHUttEGdjGUuSS8tLOaXvSDVBw_LqMzmgPHQlAG5WYhBIUfRw_-DIhMkylaDbwvWDrQsw5nF3MxriKLyimuxov7psVYRLqYTU4oqMcU6CnfUpokLnTEBvF0LYHDHYTo5vtnB36jvpB3axovVwvcEtrNA8s3HLVzQ8gIpUWJ6XJNIP6gCEazfFmFF76UI4I54fc7EMYbLSZWs6jvluBrvI9YIvUNHpludomK82q9_F24-hfTtgDlXqpmgGqPBL9DvPkw-ISmyfW9Ef7JtZB12mwfVK0OIeSuKG2my6IlY4Z5xEOtchDgNieXUH1Cg9w_HYPOW33jzFIFLcyMmBbDMZuxrz8OlszSBEmzhDCdsjp5NnPwEVED3AvpdmhzsMxN3h7rTduessje4S2Eof7PUl1hvmMafYA5uHBVlUI8UUf0gWHJKgKmuqN3C70Dk0TVQ5oP-AeftEnzkfH2Bn72Sp1IDh0qGXpXx_4Pk13jqdz8AEuN1ymFYdjrGyy-NzJQB7yUB-jt_o23hMcI5Y16eZVIgdekWWFO0zT3dXJN2pq9cBVLzbEnzTbs0vH6WPoCGbc7mrd9xYmGV4p5KW9EkcMWHc8FHRgXUVwbnqFiYB2Y5tx4acxnhEtijv9JcQc--h3V-di7eCAfAbUxEp6pavamkNT5NA-MYymadQvBzIMnUVTvq16aa_Mrriv5vaShCUvbjcWqhxXh4lJVNGvd-Aw6FyoygiagXzQDeuG-elNVvZLQTYAlSMQNOIVUyABHthIQBdd4k8oTC0ZlGw_o0azGuutCPiKnldlMR9I541H2DPOsQj50NX931-8ECviaHlDAr9oeKWUKdeROROQTcCzIabMEaDaClrgGuy3R8bD7ULvuX4ZMyrz0Pjj8tgd6wPLpyB_2Oiz_67neN09bMRUiqN1m1ZmZgsRYeXXK4nHJLV2XfoMwuuwRGiSxbG0to5YBfLydCjZxzuXwpcBILEM0_vP_pjVzbR-tSoe4pnKRBhVh-i97jjXnWC3to5nJXTOiW0vnOHaaaT_LAsU9MJYiQZ-8JkSeauxkdijqIv97qYT1MFu3SwwZQq37gHpttZRGmJyNeFP-XbShLMcvE_Es5MHeqQpRxACNbjS4tou7SrIDVCkwcsNR4ICz05BYk1h3xjci5WZkfhPjZG5QZb6y1zpeEpExzx7F2gJp8xfalbfmP5Dkm1v64H7LSQ2A8jfu4RCaVmcPPiD4SlqnTQm03OM0BOwzKf2wqAwDWtHYiRHpU7Tul9-snpdlf19Mro-FCo3r9CLZComC3RODIQlQNI1SV5VYR99-Up8Ut16Mh6cYwVsq55tmCQduDfhQunEzGaqMKIzUmdp3m_h1AArLKbdIU86Hs3iFc-h6i6qA1UASZtVtE19KnKeGetx_0uY9n0ZrleEsjV5h71BBOCXkWldsEyNv1zVxPgJ4A0xd9ox03ZUOSRHD1Mp3MOmYXJXOq5c-7M90Gx0-72z2nk5pcJJv3LaOYkIziSq4FjAD-ioZHgKncKuKG5TQes6Mr7LBJyXdDiw-t5DjhldZp_-YZsARVr3I99CQbaCToiKDsMIj9r-b2ENdkBqQ0krYqT2rGAdVXiQ19cCN8CdrAjXo1Bd1NzanTMd-YCNeCTW9WSpgMfFR5d8VIDETaILdPZ0Yflb28zfrOHJsQYMPMbxPO52AeEfwZ4S0C44qz0ki0DRsRZ1NIpakBisq9W3xXNI5WW2P7KVIn4R_r0-0cLARH47ZvHv1nzbOg&cid=CAASEuRoj-8kUPFxqN6V5ULU6IPp2g&rfl=2%2Chttps%253A%252F%252Fdailyvoice.com%242%2Chttps%253A%252F%252Fdailyvoice.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7abc5baec38b9c571ddd5a8760e315c239b90bc2cf0c492f3c562113ea6d8213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31995
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17177235262227185398
tpc.googlesyndication.com/daca_images/simgad/ Frame 16F6 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17177235262227185398
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cf7a2f0cea0aa064b6f4a29423e0a4f25ff2da874f29b44bf381a0009e898a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 20:13:07 GMT
x-content-type-options
nosniff
age
426871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28882
x-xss-protection
0
last-modified
Sat, 15 May 2021 06:42:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Jan 2023 20:13:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 16F6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
81142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 24 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 16F6 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
47044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 25 Jan 2022 05:43:34 GMT
img
ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/ Frame D652
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=8f3de30e8e4b93df1b8f23f66cc5d3eb0354458c2bba478408b5c6551fa00517&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cf...
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=42&gdpr=0&tpuid=6472559499329098849
49 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=42&gdpr=0&tpuid=6472559499329098849
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
location
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=42&gdpr=0&tpuid=6472559499329098849
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
track.adform.net/adfserve/ Frame 0990 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=52612369;click=https%3A%2F%2Fhal90009.redintelligence.net%2Fc%2Fpxlyzh1ievmsxx8%3Ftprde%3D;js=1;adfxid=1x;9194;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fdailyvoice.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ecd1433351d9647552201958903338ac6217699d8e141bcb4d78d4366c7b3725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2043
expires
-1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C18D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 24 Jan 2022 13:26:12 GMT
expires
Tue, 25 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
19286
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
common.js
maps.googleapis.com/maps-api-v3/api/js/47/6/intl/de_ALL/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/6/intl/de_ALL/common.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4d9efe6581c1eaa8e47ef3040565679cafa05bb4dcdc77c5f722534f13a54e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
420670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28641
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 19:41:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 21:56:28 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/47/6/intl/de_ALL/ 		297 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/6/intl/de_ALL/util.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1e52df26e73aa91fd670f57a4f3d92f4cf3496121f6b124fd0378ff467e6db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
420670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92751
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 19:41:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 21:56:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7E3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGQw8JBbZlVX4JRqrWf4WddYxndCBd1gzh2ncP16OgLtEfBNuX2ClBVcACiZyxsmbndKbgW7Src39ZF19_uiEDcc8fAnU0inWXtawJU33XEDMVEtSbQBBvKrClgxPGW6ccsymSZ5KJUUtwgv5vPkpCLy2WrbeAsyAr0Un3nxGGJEl2cQB3Yu5aJn1Qm5DWLZamgHUMetHsKthb4w8XruCdK6W2lCVjwZvcTlh72by1mkEoVgF-viSJjqAJ3auKugN3a-JfNreHlJHZSjwsMMUM6M-DV9U6oYY6Fay2XAhdJcbiHHilxxmmylKy6ITB&sai=AMfl-YS70E5nWv9FvEO1E9i5TMb6yzEymnTQmw6aYQs0eL4GNFzZeD-pcUWU1nf2T-5xQFE41y2P6y3Xrtvczsg6muPw1KAi7FRAtvxKcXC3HyZjSfS1hQJXJJRpHq6rtk0&sig=Cg0ArKJSzL9KysPyGLkLEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:38 GMT
usync.js
eus.rubiconproject.com/ Frame DB83 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17647
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
truncated
/ Frame 07A9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58b09f121dec5d5455d3c2689b5941cbf96e2fd0e120457668d9904642295c67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 82AB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17647
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8661 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60772176&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 20A3 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Mon, 24 Jan 2022 18:47:38 GMT
truncated
/ Frame 0990 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 0990 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1b618bee5daf4e8a14ef5aefa5c7e80ea96451fcd48884e8a615e4250a9d4ba8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 25 Jan 2022 22:26:21 GMT
rum
dsum-sec.casalemedia.com/ Frame 90CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLaksb0BMAE&v=APEucNXDNnEha5Pn_swM9Poo0yCAHPP573FxV-99cDQwsgt3vNU9c8xLNv7cMC76pfOyxiG0lcyQtDHb_xgScaBs_cLUs0TC5QUptx-BtDQmUwhPYhzIV-Odx0b1IR4cgL0jUSVtrqiuzbipyGHElCCY58Q26yLn9AATTmr2DrYGWUnSdZjFBTI
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 90CD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ye70RiWLROK0s22WR3QvzgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLaksb0BMAE&v=APEucNXDNnEha5Pn_swM9Poo0yCAHPP573FxV-99cDQwsgt3vNU9c8xLNv7cMC76pfOyxiG0lcyQtDHb_xgScaBs_cLUs0TC5QUptx-BtDQmUwhPYhzIV-Odx0b1IR4cgL0jUSVtrqiuzbipyGHElCCY58Q26yLn9AATTmr2DrYGWUnSdZjFBTI
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHH4R-Qv0vwLuu_BKCfzKOk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 90CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGyGhhC_qCvj7fM6dS9Aw68&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyGhhC_qCvj7fM6dS9Aw68&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLaksb0BMAE&v=APEucNXDNnEha5Pn_swM9Poo0yCAHPP573FxV-99cDQwsgt3vNU9c8xLNv7cMC76pfOyxiG0lcyQtDHb_xgScaBs_cLUs0TC5QUptx-BtDQmUwhPYhzIV-Odx0b1IR4cgL0jUSVtrqiuzbipyGHElCCY58Q26yLn9AATTmr2DrYGWUnSdZjFBTI
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
eb411f89-d360-4e73-855b-a3ec28d7351c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGyGhhC_qCvj7fM6dS9Aw68&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 90CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc2NjcxMjM2MDI1OTU2OTc2Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc2NjcxMjM2MDI1OTU2OTc2Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGLaksb0BMAE&v=APEucNXDNnEha5Pn_swM9Poo0yCAHPP573FxV-99cDQwsgt3vNU9c8xLNv7cMC76pfOyxiG0lcyQtDHb_xgScaBs_cLUs0TC5QUptx-BtDQmUwhPYhzIV-Odx0b1IR4cgL0jUSVtrqiuzbipyGHElCCY58Q26yLn9AATTmr2DrYGWUnSdZjFBTI
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
448d60d8-0559-4c95-9307-8791bcf571f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc2NjcxMjM2MDI1OTU2OTc2Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 873F 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 11:59:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 873F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AysnEAN4zkNk4LlMsFLCNA5FLV2scrfDx4i_1UQMS7Mk2i4I_4WO9gK9oO7vElMO2eFfi6RJOzQV0hbVb9Kx97uy5Cv5C3MvHaOUkJPuFOwIET_kWF4sHaWRTfSg03SZlYdlBb6eGcu5DkNbYY694JY7LZmA&dbm_d=AKAmf-CvVIRzFEHJeBB8ln8NlZSl8gM2VNR2WCuFnIyGEsqz0R-IWqUmvlBD6x-S36w1FjfTgGkU7G0yyq36Ya4IXjxVpYxuRL567zKUtI04zNZ6UUnfjKvK4SfiQcwzp6L0HSGJc3DEyU1sXpWoIo0WzW9CpasB0qjz5esT3y--0GJPP9Qp9elw4zXJC4Dz41MLqMNJTZBI8kE8FaqlLPlp4nWvcVfADEiBEF5pNklz--e9EetiDE42WC05PfDzoPuvURQ7y7XRt_zizv66ERjIjOXxlOKYVRvNOKqhSnjfWMfGbqONrpGSFYen34V9tuFbgUNME68us9759EwkL798q8AY3AI0Lki6ORHWvLDLonZ2r-SiCfJpt5scz-bZLE4HB6V-ryK8xZ7RMyiw05EFeqpYUyKl8bx-GIaQ_8dr0Gx_qxrEXGbPbEwWVt88iDbDWkihn8e321EjKfNx0EOrVA2V6yPPNFaUTWBHnj3o4xlAJvxABVnBrVjTyOvxpV15gVfqb8LsU3s-OiKp_DbGbDp3Ib-PRrc7xk9P9jC7d6iuxgj_sFp1iKrl0T3duTl5Co4HXmLFaTqDpkWbztppe3AKokFS-DYEXZKaHHtgzIzsgsPaqYxd395WyMZEUDfmq6A49XlQWMwaoSz1RoEAVOoR1X1GtfO70eJbngJu5Qz170m0vPzSm8LnbTPCYd_MYE9iNllfl9NjGnC-g_Kr_TCTTXlPVbo9fSytNC049vcVR8zaqygQgo_vVqXajfaUNBKZ4pjHXo_7ELqYwvAyUIaxixMmKMULrPxifsRMbgIqQgseByDffQLHU026x8lmKgJmoyEhtM69zhU27wvh0ujUEh3jhxFhLt7jHBU2-3_CRJfXfG9_a5jGdXIzBm5kE3OU5_GJcgp7W01ig3nSM5cmw8rzLmHNMMmQcsMzv60oyNSDIk6TJgk_6bK8elghTvwFyYE4FU8o6EfisGRW9Q-4HL8XIJAXFX76lEhzjUglBB05-vAcFj7Irv8ErPB7QkCi5XP8DmDYN7McypILKezySFRr0Nxq12HVz18vVgMiBP4NyIDvnuToTGo27-gfN-qfRoyqUyz4uUfMzWbxkvhqCsmDt5dWM9RAlT9E32ZcBx0lx4E0AvTlLF1knrQ3xXR7H2tbQ_Hyn0YhKqAyxlrE-Xi_Gww4OWqkAvrkAt7clr2LDeukajpxR6h8Pdx5ts1UFaN1i8Fic8wYeSE6Jteu8lffZkhS-hFtagK3ZKN2D8MJ63TLO_-gwcFWv-BwozF7uVR6NzMlno_unZVeapmDguTz0eWcza-z2cnlVpxzWBLZHoBObwPOm9JaF2cbiPfpQncjHKZtAdyRJyZMSZcXn1p89lDAUGd295gMUFOyKCz7SJd2E1FRmdUSXW9Rhre64UWU8jj9OCysnvaOqw2e47ibunREWM8L69ZRDw3-hnAIcJUlYK6Rv3ZmVTUaHkjWRPg8ezuflBZTJjL4Yp1FXH_lyBZcwiooD8908nksg2BOZi1q1KFRyOYkQ3ZBZZvvN_yTwAuVnJoprxEDogKRswHmQyQ5EuE7PhcTH5L72AYx50MvETJAGYaRKqzUXhT5tZMMA4P_XSmYxWKwfsJ4CEznru83GQ1VuKWNBIXjdGgWfJ7PTMrIpTkLNvP1FrOIWVsOH5yyfosxCOqPYHqy3z8rAlQYx53Sn1_TuGOWZAZ-RpN3BzWyEZt4usJ35iOgzcIoXu0C3VNWsI9YODf3jgaaZe9VfMyucjIlmErK_YNP9ztnOrKmdcqoNHWs_FO2djw-6IsCMvaa8T6LWNr2UUlOwvqYITsuvmNTUe2o45giIyDSsD2TOcAYK765cerkN4-t8rH7IIJBznx14njRV7whX4s1Bj56qlt1Kfz2kTbnMjJISyax05WwVYo4S814-nLAxyOyb_ikYSYzyj6RLdY41BPOSeGhspZfDoQB4idDQ2hy_I9aqN_eMWI2tbmkI3Ss-vr99Jo1rFElcAHK9zcbuH878m-4vLD6g743PVcvk43X53JUnQRdY7PJQ0iVSN2lePqCwdZOTpYHap0u1WhkUvzsHP4rNlMCUCu3qVkl3WjKsvwHFXdL0yLZUreafBFFQAOl6ZNGAaMHYc12MKvfYr5tqvkGsBc0NDrtdn3olWQsen3T5aAN3ZXaQ3eucrLAubst6VTtbhXNvpcyW5bt_mGYH-nbnSSRL8C5Kp0Kbygp1oNiNw0FLDwxyebI0WaMVw8IVy1xlH_vzLhzjhlJSaSvrRc10enKiICnvZG4SuWJu4vRLvIrs9pvJZXluPhZSId_I1R7-ob7nBtknkBkb5Q0fOD2Jj-zFbGeLmqfknMN4Hc__x51iLiby1idB8X01Ee-iRrowu-NCZlVXLVaLgiSOwAjks4zvEKozqDiWLylU_1VDJ51alGzNb71ExCWqe2jEnr8CQjaBYlbODKTWiK3k6F9Bw_u9bkRHueHlt4rfMTl2Bg_5oDcyD6b9JPR0Al5Vz-1l6pAfDxVo2TT-KSrijeJ7uQ97PW8WoC5i7kVbCe1I3a5dlpcd_kWPbw_TInz9S_iwNniTyWQ-IdJgre6mmVdlwrD7ZH--a5LwF9In_-rsQ0Nj35rjx21_jkV_NufM32KiaJcBuX_60AW_xSAerx1G5vQYpPfikM8o_mnTsEdAcXePt51xWYORzkJf_pGrHbKf-NxOAkIaTx0_KKXtpEQfHGDMEsCvGbjcuirMEdKL7VWfRcGNW6D9PHPC8Q9Z6iZtGFHMei4AoEFdG55J2N-jXqMuzGUlvv_VMk5HbhV-M0Qw801CgSQCdSGqD0drnkslHjU7cKW1ao7cS9bYO4Uu1hTdk6s0MomW0u9ZlZtGkZo9myTu3HEzNLNTDOLyCRPlatojrseH58_3WmshaukKRvvoSeWUU2me_eRp_QF3hQ7COV4sNtEBPXoIURpXM9bTgp5erC079cerpBwpRg2BiwmDG2rdtSot-9aiZVR_iP9xq7EiSgUJdU7jwnluq9MJJL8dFaZm8MBc4-8YqyiKS8AEHeRLpqL8gJN_QRU3zEjAAlLdEeTRBF6fh8e-7fmCDf2BhtvIPOoXB7SDU1r6WfmsxZRdggj_mtpZ8aLm-e9JDKPottt7GcVnt8rNQdON32SIzqMwy3DWbHf4_rS7sr7ookB5rd6adOdVdV0SXQNKGYKn_7VPhcHKQf2-Kglfhfor2aec1RWflfbab94Egp1IXc8P38OhILJlfa7vzD2nS55UYjRs5EQ4mJBRdx8ZlLQ9Ae2CV-n_leIcPG5MVCmoMVhpZ8VNkI-gKrnLDhaumW_8bc4DgB9fFTthaUTaKAThATvG9CWrw&cid=CAASEuRo4DVX3bUJK0exNR8apqobow&rfl=2%2Chttps%253A%252F%252Fdailyvoice.com%242%2Chttps%253A%252F%252Fdailyvoice.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:40:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 873F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AysnEAN4zkNk4LlMsFLCNA5FLV2scrfDx4i_1UQMS7Mk2i4I_4WO9gK9oO7vElMO2eFfi6RJOzQV0hbVb9Kx97uy5Cv5C3MvHaOUkJPuFOwIET_kWF4sHaWRTfSg03SZlYdlBb6eGcu5DkNbYY694JY7LZmA&dbm_d=AKAmf-CvVIRzFEHJeBB8ln8NlZSl8gM2VNR2WCuFnIyGEsqz0R-IWqUmvlBD6x-S36w1FjfTgGkU7G0yyq36Ya4IXjxVpYxuRL567zKUtI04zNZ6UUnfjKvK4SfiQcwzp6L0HSGJc3DEyU1sXpWoIo0WzW9CpasB0qjz5esT3y--0GJPP9Qp9elw4zXJC4Dz41MLqMNJTZBI8kE8FaqlLPlp4nWvcVfADEiBEF5pNklz--e9EetiDE42WC05PfDzoPuvURQ7y7XRt_zizv66ERjIjOXxlOKYVRvNOKqhSnjfWMfGbqONrpGSFYen34V9tuFbgUNME68us9759EwkL798q8AY3AI0Lki6ORHWvLDLonZ2r-SiCfJpt5scz-bZLE4HB6V-ryK8xZ7RMyiw05EFeqpYUyKl8bx-GIaQ_8dr0Gx_qxrEXGbPbEwWVt88iDbDWkihn8e321EjKfNx0EOrVA2V6yPPNFaUTWBHnj3o4xlAJvxABVnBrVjTyOvxpV15gVfqb8LsU3s-OiKp_DbGbDp3Ib-PRrc7xk9P9jC7d6iuxgj_sFp1iKrl0T3duTl5Co4HXmLFaTqDpkWbztppe3AKokFS-DYEXZKaHHtgzIzsgsPaqYxd395WyMZEUDfmq6A49XlQWMwaoSz1RoEAVOoR1X1GtfO70eJbngJu5Qz170m0vPzSm8LnbTPCYd_MYE9iNllfl9NjGnC-g_Kr_TCTTXlPVbo9fSytNC049vcVR8zaqygQgo_vVqXajfaUNBKZ4pjHXo_7ELqYwvAyUIaxixMmKMULrPxifsRMbgIqQgseByDffQLHU026x8lmKgJmoyEhtM69zhU27wvh0ujUEh3jhxFhLt7jHBU2-3_CRJfXfG9_a5jGdXIzBm5kE3OU5_GJcgp7W01ig3nSM5cmw8rzLmHNMMmQcsMzv60oyNSDIk6TJgk_6bK8elghTvwFyYE4FU8o6EfisGRW9Q-4HL8XIJAXFX76lEhzjUglBB05-vAcFj7Irv8ErPB7QkCi5XP8DmDYN7McypILKezySFRr0Nxq12HVz18vVgMiBP4NyIDvnuToTGo27-gfN-qfRoyqUyz4uUfMzWbxkvhqCsmDt5dWM9RAlT9E32ZcBx0lx4E0AvTlLF1knrQ3xXR7H2tbQ_Hyn0YhKqAyxlrE-Xi_Gww4OWqkAvrkAt7clr2LDeukajpxR6h8Pdx5ts1UFaN1i8Fic8wYeSE6Jteu8lffZkhS-hFtagK3ZKN2D8MJ63TLO_-gwcFWv-BwozF7uVR6NzMlno_unZVeapmDguTz0eWcza-z2cnlVpxzWBLZHoBObwPOm9JaF2cbiPfpQncjHKZtAdyRJyZMSZcXn1p89lDAUGd295gMUFOyKCz7SJd2E1FRmdUSXW9Rhre64UWU8jj9OCysnvaOqw2e47ibunREWM8L69ZRDw3-hnAIcJUlYK6Rv3ZmVTUaHkjWRPg8ezuflBZTJjL4Yp1FXH_lyBZcwiooD8908nksg2BOZi1q1KFRyOYkQ3ZBZZvvN_yTwAuVnJoprxEDogKRswHmQyQ5EuE7PhcTH5L72AYx50MvETJAGYaRKqzUXhT5tZMMA4P_XSmYxWKwfsJ4CEznru83GQ1VuKWNBIXjdGgWfJ7PTMrIpTkLNvP1FrOIWVsOH5yyfosxCOqPYHqy3z8rAlQYx53Sn1_TuGOWZAZ-RpN3BzWyEZt4usJ35iOgzcIoXu0C3VNWsI9YODf3jgaaZe9VfMyucjIlmErK_YNP9ztnOrKmdcqoNHWs_FO2djw-6IsCMvaa8T6LWNr2UUlOwvqYITsuvmNTUe2o45giIyDSsD2TOcAYK765cerkN4-t8rH7IIJBznx14njRV7whX4s1Bj56qlt1Kfz2kTbnMjJISyax05WwVYo4S814-nLAxyOyb_ikYSYzyj6RLdY41BPOSeGhspZfDoQB4idDQ2hy_I9aqN_eMWI2tbmkI3Ss-vr99Jo1rFElcAHK9zcbuH878m-4vLD6g743PVcvk43X53JUnQRdY7PJQ0iVSN2lePqCwdZOTpYHap0u1WhkUvzsHP4rNlMCUCu3qVkl3WjKsvwHFXdL0yLZUreafBFFQAOl6ZNGAaMHYc12MKvfYr5tqvkGsBc0NDrtdn3olWQsen3T5aAN3ZXaQ3eucrLAubst6VTtbhXNvpcyW5bt_mGYH-nbnSSRL8C5Kp0Kbygp1oNiNw0FLDwxyebI0WaMVw8IVy1xlH_vzLhzjhlJSaSvrRc10enKiICnvZG4SuWJu4vRLvIrs9pvJZXluPhZSId_I1R7-ob7nBtknkBkb5Q0fOD2Jj-zFbGeLmqfknMN4Hc__x51iLiby1idB8X01Ee-iRrowu-NCZlVXLVaLgiSOwAjks4zvEKozqDiWLylU_1VDJ51alGzNb71ExCWqe2jEnr8CQjaBYlbODKTWiK3k6F9Bw_u9bkRHueHlt4rfMTl2Bg_5oDcyD6b9JPR0Al5Vz-1l6pAfDxVo2TT-KSrijeJ7uQ97PW8WoC5i7kVbCe1I3a5dlpcd_kWPbw_TInz9S_iwNniTyWQ-IdJgre6mmVdlwrD7ZH--a5LwF9In_-rsQ0Nj35rjx21_jkV_NufM32KiaJcBuX_60AW_xSAerx1G5vQYpPfikM8o_mnTsEdAcXePt51xWYORzkJf_pGrHbKf-NxOAkIaTx0_KKXtpEQfHGDMEsCvGbjcuirMEdKL7VWfRcGNW6D9PHPC8Q9Z6iZtGFHMei4AoEFdG55J2N-jXqMuzGUlvv_VMk5HbhV-M0Qw801CgSQCdSGqD0drnkslHjU7cKW1ao7cS9bYO4Uu1hTdk6s0MomW0u9ZlZtGkZo9myTu3HEzNLNTDOLyCRPlatojrseH58_3WmshaukKRvvoSeWUU2me_eRp_QF3hQ7COV4sNtEBPXoIURpXM9bTgp5erC079cerpBwpRg2BiwmDG2rdtSot-9aiZVR_iP9xq7EiSgUJdU7jwnluq9MJJL8dFaZm8MBc4-8YqyiKS8AEHeRLpqL8gJN_QRU3zEjAAlLdEeTRBF6fh8e-7fmCDf2BhtvIPOoXB7SDU1r6WfmsxZRdggj_mtpZ8aLm-e9JDKPottt7GcVnt8rNQdON32SIzqMwy3DWbHf4_rS7sr7ookB5rd6adOdVdV0SXQNKGYKn_7VPhcHKQf2-Kglfhfor2aec1RWflfbab94Egp1IXc8P38OhILJlfa7vzD2nS55UYjRs5EQ4mJBRdx8ZlLQ9Ae2CV-n_leIcPG5MVCmoMVhpZ8VNkI-gKrnLDhaumW_8bc4DgB9fFTthaUTaKAThATvG9CWrw&cid=CAASEuRo4DVX3bUJK0exNR8apqobow&rfl=2%2Chttps%253A%252F%252Fdailyvoice.com%242%2Chttps%253A%252F%252Fdailyvoice.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:46:38 GMT
sd
us-u.openx.net/w/1.0/ Frame CA73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZc_LqXqFRqDQdNMzbZS9M&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZc_LqXqFRqDQdNMzbZS9M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMyXsb0BMAE&v=APEucNUcDrTdE7TkBln7omVzEo1MCSBV5fifKaIQafOuKGm7p0DnhY_h-DuW3AQMt4qihAGLcc9ZltRYksNBND179ZSUR5peD8y_lmrAldGzfXJ5eULRoh63p2v5BuGuqQntztQHjCzfFVdNxmfZOG5wQGOkcfiDsPcGGPgWK_U663BJ20xmW2M
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZc_LqXqFRqDQdNMzbZS9M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame CA73 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMyXsb0BMAE&v=APEucNUcDrTdE7TkBln7omVzEo1MCSBV5fifKaIQafOuKGm7p0DnhY_h-DuW3AQMt4qihAGLcc9ZltRYksNBND179ZSUR5peD8y_lmrAldGzfXJ5eULRoh63p2v5BuGuqQntztQHjCzfFVdNxmfZOG5wQGOkcfiDsPcGGPgWK_U663BJ20xmW2M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame CA73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELCSWkUi8kB9k6XBcIZgx6I&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELCSWkUi8kB9k6XBcIZgx6I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMyXsb0BMAE&v=APEucNUcDrTdE7TkBln7omVzEo1MCSBV5fifKaIQafOuKGm7p0DnhY_h-DuW3AQMt4qihAGLcc9ZltRYksNBND179ZSUR5peD8y_lmrAldGzfXJ5eULRoh63p2v5BuGuqQntztQHjCzfFVdNxmfZOG5wQGOkcfiDsPcGGPgWK_U663BJ20xmW2M
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 24 Jan 2022 18:47:39 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESELCSWkUi8kB9k6XBcIZgx6I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame CA73 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMyXsb0BMAE&v=APEucNUcDrTdE7TkBln7omVzEo1MCSBV5fifKaIQafOuKGm7p0DnhY_h-DuW3AQMt4qihAGLcc9ZltRYksNBND179ZSUR5peD8y_lmrAldGzfXJ5eULRoh63p2v5BuGuqQntztQHjCzfFVdNxmfZOG5wQGOkcfiDsPcGGPgWK_U663BJ20xmW2M
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 24 Jan 2022 18:47:39 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 064F 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 11:59:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 064F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQqSAgLJ_AXQjfM_epChucebk8brYTaA6MPm57zMRG9ql5gACVc4wFAR84L62DeOY86XlfX5xRGWRsJqTH5_wvmNbQcYw172fwBAEgGm7lEgV9_T8lohZMa1-EYeEFZINwxZV9ey8f_TWgGPPqXIvXkNPmFA&dbm_d=AKAmf-Cm_2O8pD61YGpFU5sD9qzJFHnFlEIQDfnHNTlVenS4xMOXAxwZaUSpCWBUmVu_Ffk2z0j43_vrjUBB5fsalruZGNkUqKScZMBMGI2e1FCKxDfpqtHN0e4n4zNWt8kkQVM6AU5ZEAvDzaL4MvVSRYL_3kwKQFkMlWlbZCeT4fvyeEk9EaGm6iIoCRDBYcjVLZ_0WXf93-QQkKVrB0gnXxCi23veoi19WVJwv4qPNL2yy63axuqlj_IU8k-CrEgIb-rUHXb3BxPdNpMqB2lVkBQdOFAzsoezGt2VKB6ChmVGivCFdapTtX2s2nTBWLWMyNInk8wQ4StOlDb36q5ioTy6crV37TWK3Dv8Z9WbRG2Bd_fgtmXxBWnE3DVGoqvq7G4iLfiyX21alCN1-eealgMEnqzHWzVC4VCCZLqhnk4sSa0xO0RvkP-TAPbGagvtb6cyhXi133zR5K9H4uk8HwmdtF-BRGGpcUmhoiIp24Qa5FPacv546sFDjqku_IWl9tQFVwyUTrni6YOe2C18r6vC1iow6SUS-mMZzo1YupOlP2DnISJzHAFDMK2vaagFsGnQX0lF36hBHo3DIUQWsf5liA873Qf1FBDOLL-7wA7aCeGVMwpbGI4-lZ2fHF1miTilxRgykDQnALuI3d5SR15akLvTzBQgJ9vSbdQJLz6E2N7p3aJ3V_-bE2-lBS9Pzs-ySaA9XHuWJX_O3Rj8WQqWVglV3XEXvmEvOarBLObUo3uU-P7IgEZwvn3YXEpYawC0rkSnjPo5qMj1Y2Of39PjT5_t9Rpg5BkAMyMPNBqfjkWs3DbdiuLGBIvCnGoGMWOJg8WBkHlDQbSTU_TBFiqL3AIez7Biw3TLJV_shkC3953KsTfrTsR-kyZFKs_ovvNfYV6ZwHwbMDigHFo-F4b3-9C-kWVXZ6jNcMwJz98zpKOnw-PSzhOGLGgeuy52mFvpCfUo-BTbgSeXpzS7w56ezWetckXHhw_f4-dkHqwL_mihJ48qjW8ki6Z1JlgmmjTpAJffBHhSi_aNIKaQgYk5nE1RqjebAUODsC-ASk1a-JE7X2N45rVMB-vuFQ7-3i-gnR_-tmJt3LtYHNgW35m_YExwIjl3O8mVh-zJyr5hl3mOzk464lUsdH_Wm5hEtbzys92BCSh7V6qBbBK3Jgp_SzMQGc8i201JTRk8scEtSwSVyHW4hyTRSwJYyqJTsuo4X8WXZcul6c7ImZyU_FchF19lpYUv0Y1uSrwsXP6UzMBpLtPhpD0-rGxLARBfoh4iX3wzbqSDA7okp-SMBibXtFtQgVR3rtDKwR-j7q4QOJgW1IZ0eUPsXuQeCNQk8wP1gYSmyCVz229V3vZJC_o1ihNRIsWqKS-h3TPh3DSTc4e3NgL6HlErrTeFPLRbxEdejFvDfgu9uAQAvUsu79ZNZTYYCSndBrQCgEw1WJIJwc48Q1nW9tElztIBQN0EMI8fIKyz5F-S0okCiRBJfBdEM6LKrsRQNTEpWwQmq4imokuZWrPaePSV3IEk_xBvK1GTqnca0E7vw-K-f9cf6KpsUjUG_HA04JTwU_TJcBkC5xRTkFcD7W_JSvXHUttEGdjGUuSS8tLOaXvSDVBw_LqMzmgPHQlAG5WYhBIUfRw_-DIhMkylaDbwvWDrQsw5nF3MxriKLyimuxov7psVYRLqYTU4oqMcU6CnfUpokLnTEBvF0LYHDHYTo5vtnB36jvpB3axovVwvcEtrNA8s3HLVzQ8gIpUWJ6XJNIP6gCEazfFmFF76UI4I54fc7EMYbLSZWs6jvluBrvI9YIvUNHpludomK82q9_F24-hfTtgDlXqpmgGqPBL9DvPkw-ISmyfW9Ef7JtZB12mwfVK0OIeSuKG2my6IlY4Z5xEOtchDgNieXUH1Cg9w_HYPOW33jzFIFLcyMmBbDMZuxrz8OlszSBEmzhDCdsjp5NnPwEVED3AvpdmhzsMxN3h7rTduessje4S2Eof7PUl1hvmMafYA5uHBVlUI8UUf0gWHJKgKmuqN3C70Dk0TVQ5oP-AeftEnzkfH2Bn72Sp1IDh0qGXpXx_4Pk13jqdz8AEuN1ymFYdjrGyy-NzJQB7yUB-jt_o23hMcI5Y16eZVIgdekWWFO0zT3dXJN2pq9cBVLzbEnzTbs0vH6WPoCGbc7mrd9xYmGV4p5KW9EkcMWHc8FHRgXUVwbnqFiYB2Y5tx4acxnhEtijv9JcQc--h3V-di7eCAfAbUxEp6pavamkNT5NA-MYymadQvBzIMnUVTvq16aa_Mrriv5vaShCUvbjcWqhxXh4lJVNGvd-Aw6FyoygiagXzQDeuG-elNVvZLQTYAlSMQNOIVUyABHthIQBdd4k8oTC0ZlGw_o0azGuutCPiKnldlMR9I541H2DPOsQj50NX931-8ECviaHlDAr9oeKWUKdeROROQTcCzIabMEaDaClrgGuy3R8bD7ULvuX4ZMyrz0Pjj8tgd6wPLpyB_2Oiz_67neN09bMRUiqN1m1ZmZgsRYeXXK4nHJLV2XfoMwuuwRGiSxbG0to5YBfLydCjZxzuXwpcBILEM0_vP_pjVzbR-tSoe4pnKRBhVh-i97jjXnWC3to5nJXTOiW0vnOHaaaT_LAsU9MJYiQZ-8JkSeauxkdijqIv97qYT1MFu3SwwZQq37gHpttZRGmJyNeFP-XbShLMcvE_Es5MHeqQpRxACNbjS4tou7SrIDVCkwcsNR4ICz05BYk1h3xjci5WZkfhPjZG5QZb6y1zpeEpExzx7F2gJp8xfalbfmP5Dkm1v64H7LSQ2A8jfu4RCaVmcPPiD4SlqnTQm03OM0BOwzKf2wqAwDWtHYiRHpU7Tul9-snpdlf19Mro-FCo3r9CLZComC3RODIQlQNI1SV5VYR99-Up8Ut16Mh6cYwVsq55tmCQduDfhQunEzGaqMKIzUmdp3m_h1AArLKbdIU86Hs3iFc-h6i6qA1UASZtVtE19KnKeGetx_0uY9n0ZrleEsjV5h71BBOCXkWldsEyNv1zVxPgJ4A0xd9ox03ZUOSRHD1Mp3MOmYXJXOq5c-7M90Gx0-72z2nk5pcJJv3LaOYkIziSq4FjAD-ioZHgKncKuKG5TQes6Mr7LBJyXdDiw-t5DjhldZp_-YZsARVr3I99CQbaCToiKDsMIj9r-b2ENdkBqQ0krYqT2rGAdVXiQ19cCN8CdrAjXo1Bd1NzanTMd-YCNeCTW9WSpgMfFR5d8VIDETaILdPZ0Yflb28zfrOHJsQYMPMbxPO52AeEfwZ4S0C44qz0ki0DRsRZ1NIpakBisq9W3xXNI5WW2P7KVIn4R_r0-0cLARH47ZvHv1nzbOg&cid=CAASEuRoj-8kUPFxqN6V5ULU6IPp2g&rfl=2%2Chttps%253A%252F%252Fdailyvoice.com%242%2Chttps%253A%252F%252Fdailyvoice.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:40:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 064F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQqSAgLJ_AXQjfM_epChucebk8brYTaA6MPm57zMRG9ql5gACVc4wFAR84L62DeOY86XlfX5xRGWRsJqTH5_wvmNbQcYw172fwBAEgGm7lEgV9_T8lohZMa1-EYeEFZINwxZV9ey8f_TWgGPPqXIvXkNPmFA&dbm_d=AKAmf-Cm_2O8pD61YGpFU5sD9qzJFHnFlEIQDfnHNTlVenS4xMOXAxwZaUSpCWBUmVu_Ffk2z0j43_vrjUBB5fsalruZGNkUqKScZMBMGI2e1FCKxDfpqtHN0e4n4zNWt8kkQVM6AU5ZEAvDzaL4MvVSRYL_3kwKQFkMlWlbZCeT4fvyeEk9EaGm6iIoCRDBYcjVLZ_0WXf93-QQkKVrB0gnXxCi23veoi19WVJwv4qPNL2yy63axuqlj_IU8k-CrEgIb-rUHXb3BxPdNpMqB2lVkBQdOFAzsoezGt2VKB6ChmVGivCFdapTtX2s2nTBWLWMyNInk8wQ4StOlDb36q5ioTy6crV37TWK3Dv8Z9WbRG2Bd_fgtmXxBWnE3DVGoqvq7G4iLfiyX21alCN1-eealgMEnqzHWzVC4VCCZLqhnk4sSa0xO0RvkP-TAPbGagvtb6cyhXi133zR5K9H4uk8HwmdtF-BRGGpcUmhoiIp24Qa5FPacv546sFDjqku_IWl9tQFVwyUTrni6YOe2C18r6vC1iow6SUS-mMZzo1YupOlP2DnISJzHAFDMK2vaagFsGnQX0lF36hBHo3DIUQWsf5liA873Qf1FBDOLL-7wA7aCeGVMwpbGI4-lZ2fHF1miTilxRgykDQnALuI3d5SR15akLvTzBQgJ9vSbdQJLz6E2N7p3aJ3V_-bE2-lBS9Pzs-ySaA9XHuWJX_O3Rj8WQqWVglV3XEXvmEvOarBLObUo3uU-P7IgEZwvn3YXEpYawC0rkSnjPo5qMj1Y2Of39PjT5_t9Rpg5BkAMyMPNBqfjkWs3DbdiuLGBIvCnGoGMWOJg8WBkHlDQbSTU_TBFiqL3AIez7Biw3TLJV_shkC3953KsTfrTsR-kyZFKs_ovvNfYV6ZwHwbMDigHFo-F4b3-9C-kWVXZ6jNcMwJz98zpKOnw-PSzhOGLGgeuy52mFvpCfUo-BTbgSeXpzS7w56ezWetckXHhw_f4-dkHqwL_mihJ48qjW8ki6Z1JlgmmjTpAJffBHhSi_aNIKaQgYk5nE1RqjebAUODsC-ASk1a-JE7X2N45rVMB-vuFQ7-3i-gnR_-tmJt3LtYHNgW35m_YExwIjl3O8mVh-zJyr5hl3mOzk464lUsdH_Wm5hEtbzys92BCSh7V6qBbBK3Jgp_SzMQGc8i201JTRk8scEtSwSVyHW4hyTRSwJYyqJTsuo4X8WXZcul6c7ImZyU_FchF19lpYUv0Y1uSrwsXP6UzMBpLtPhpD0-rGxLARBfoh4iX3wzbqSDA7okp-SMBibXtFtQgVR3rtDKwR-j7q4QOJgW1IZ0eUPsXuQeCNQk8wP1gYSmyCVz229V3vZJC_o1ihNRIsWqKS-h3TPh3DSTc4e3NgL6HlErrTeFPLRbxEdejFvDfgu9uAQAvUsu79ZNZTYYCSndBrQCgEw1WJIJwc48Q1nW9tElztIBQN0EMI8fIKyz5F-S0okCiRBJfBdEM6LKrsRQNTEpWwQmq4imokuZWrPaePSV3IEk_xBvK1GTqnca0E7vw-K-f9cf6KpsUjUG_HA04JTwU_TJcBkC5xRTkFcD7W_JSvXHUttEGdjGUuSS8tLOaXvSDVBw_LqMzmgPHQlAG5WYhBIUfRw_-DIhMkylaDbwvWDrQsw5nF3MxriKLyimuxov7psVYRLqYTU4oqMcU6CnfUpokLnTEBvF0LYHDHYTo5vtnB36jvpB3axovVwvcEtrNA8s3HLVzQ8gIpUWJ6XJNIP6gCEazfFmFF76UI4I54fc7EMYbLSZWs6jvluBrvI9YIvUNHpludomK82q9_F24-hfTtgDlXqpmgGqPBL9DvPkw-ISmyfW9Ef7JtZB12mwfVK0OIeSuKG2my6IlY4Z5xEOtchDgNieXUH1Cg9w_HYPOW33jzFIFLcyMmBbDMZuxrz8OlszSBEmzhDCdsjp5NnPwEVED3AvpdmhzsMxN3h7rTduessje4S2Eof7PUl1hvmMafYA5uHBVlUI8UUf0gWHJKgKmuqN3C70Dk0TVQ5oP-AeftEnzkfH2Bn72Sp1IDh0qGXpXx_4Pk13jqdz8AEuN1ymFYdjrGyy-NzJQB7yUB-jt_o23hMcI5Y16eZVIgdekWWFO0zT3dXJN2pq9cBVLzbEnzTbs0vH6WPoCGbc7mrd9xYmGV4p5KW9EkcMWHc8FHRgXUVwbnqFiYB2Y5tx4acxnhEtijv9JcQc--h3V-di7eCAfAbUxEp6pavamkNT5NA-MYymadQvBzIMnUVTvq16aa_Mrriv5vaShCUvbjcWqhxXh4lJVNGvd-Aw6FyoygiagXzQDeuG-elNVvZLQTYAlSMQNOIVUyABHthIQBdd4k8oTC0ZlGw_o0azGuutCPiKnldlMR9I541H2DPOsQj50NX931-8ECviaHlDAr9oeKWUKdeROROQTcCzIabMEaDaClrgGuy3R8bD7ULvuX4ZMyrz0Pjj8tgd6wPLpyB_2Oiz_67neN09bMRUiqN1m1ZmZgsRYeXXK4nHJLV2XfoMwuuwRGiSxbG0to5YBfLydCjZxzuXwpcBILEM0_vP_pjVzbR-tSoe4pnKRBhVh-i97jjXnWC3to5nJXTOiW0vnOHaaaT_LAsU9MJYiQZ-8JkSeauxkdijqIv97qYT1MFu3SwwZQq37gHpttZRGmJyNeFP-XbShLMcvE_Es5MHeqQpRxACNbjS4tou7SrIDVCkwcsNR4ICz05BYk1h3xjci5WZkfhPjZG5QZb6y1zpeEpExzx7F2gJp8xfalbfmP5Dkm1v64H7LSQ2A8jfu4RCaVmcPPiD4SlqnTQm03OM0BOwzKf2wqAwDWtHYiRHpU7Tul9-snpdlf19Mro-FCo3r9CLZComC3RODIQlQNI1SV5VYR99-Up8Ut16Mh6cYwVsq55tmCQduDfhQunEzGaqMKIzUmdp3m_h1AArLKbdIU86Hs3iFc-h6i6qA1UASZtVtE19KnKeGetx_0uY9n0ZrleEsjV5h71BBOCXkWldsEyNv1zVxPgJ4A0xd9ox03ZUOSRHD1Mp3MOmYXJXOq5c-7M90Gx0-72z2nk5pcJJv3LaOYkIziSq4FjAD-ioZHgKncKuKG5TQes6Mr7LBJyXdDiw-t5DjhldZp_-YZsARVr3I99CQbaCToiKDsMIj9r-b2ENdkBqQ0krYqT2rGAdVXiQ19cCN8CdrAjXo1Bd1NzanTMd-YCNeCTW9WSpgMfFR5d8VIDETaILdPZ0Yflb28zfrOHJsQYMPMbxPO52AeEfwZ4S0C44qz0ki0DRsRZ1NIpakBisq9W3xXNI5WW2P7KVIn4R_r0-0cLARH47ZvHv1nzbOg&cid=CAASEuRoj-8kUPFxqN6V5ULU6IPp2g&rfl=2%2Chttps%253A%252F%252Fdailyvoice.com%242%2Chttps%253A%252F%252Fdailyvoice.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 18:46:38 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame D652
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0
49 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4c98bad9-fe45-472f-9533-701b4dae78a3&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1794287
content-length
0
expires
Mon, 24 Jan 2022 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C18D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENpqldn23BUmNCsjXLl1WSo&google_cver=1&google_push=AYg5qPILjvv61MgI5T94cQ36tG8_D2oQXkBx3c5M_wyXokqKKm8G5MGHpI...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPILjvv61MgI5T94cQ36tG8_D2oQXkBx3c5M_wyXokqKKm8G5MGHpIGU3vCFH2Wnj3dfeudsrknEP15AEbS8JQ7gmVm0cAA&google_hm=HbQAUTp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPILjvv61MgI5T94cQ36tG8_D2oQXkBx3c5M_wyXokqKKm8G5MGHpIGU3vCFH2Wnj3dfeudsrknEP15AEbS8JQ7gmVm0cAA&google_hm=HbQAUTp5cMURnEY84Rsr8w
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPILjvv61MgI5T94cQ36tG8_D2oQXkBx3c5M_wyXokqKKm8G5MGHpIGU3vCFH2Wnj3dfeudsrknEP15AEbS8JQ7gmVm0cAA&google_hm=HbQAUTp5cMURnEY84Rsr8w
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C18D
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKid5WQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjQxODQ3MzUwMDAxNzkwNTAzNjMzMQ%3D%3D&google_push=AYg5qPKid5WQeSZZm6w64Q6J6NR8YXMt_Z4d99If2ViZ22HrybQed_cIObZrgJBTKqW_Zp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjQxODQ3MzUwMDAxNzkwNTAzNjMzMQ%3D%3D&google_push=AYg5qPKid5WQeSZZm6w64Q6J6NR8YXMt_Z4d99If2ViZ22HrybQed_cIObZrgJBTKqW_ZpUvLK3LnJSdTyH2ihthDqTy5V6OFM0
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjQxODQ3MzUwMDAxNzkwNTAzNjMzMQ%3D%3D&google_push=AYg5qPKid5WQeSZZm6w64Q6J6NR8YXMt_Z4d99If2ViZ22HrybQed_cIObZrgJBTKqW_ZpUvLK3LnJSdTyH2ihthDqTy5V6OFM0
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 24 Jan 2022 18:47:39 GMT
dds
rtb.openx.net/sync/ Frame C18D 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPFWEL0oAS21aon6lx0I0eA&google_cver=1&google_push=AYg5qPJfOOKUSwGculB7UWygFG-KmwXYW59qPu1DKevo_aTKDJnLwax24qgSRl1hJKapZYLASwnGXbNUTI0p0h8xYCJ0BjtdmBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
haoicoe83h35g8sun43i1shqco9cmv8m
pixel
cm.g.doubleclick.net/ Frame C18D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_DRev0cTR9paUTTcSaSq6P7jCpJh-II-An-JBXmzs_z2VdIXIoZBwiYloutw5VsBcS2db_ktvjckJCMS69SWkxz8lymU
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_DRev0cTR9paUTTcSaSq6P7jCpJh-II-An-JBXmzs_z2VdIXIoZBwiYloutw5VsBcS2db_ktvjckJCMS69SWkxz8lymU
date
Mon, 24 Jan 2022 18:47:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C18D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL0k9Fjf2yUy3HXhYT7lmh4&google_cver=1&google_push=AYg5qPITm0Jp_C9v4NoqCK0AuMCSJOoJgv9ZFhd4ylsSlSW6Gm3iQcotxbLHcFQuic8jbyNkKD5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPITm0Jp_C9v4NoqCK0AuMCSJOoJgv9ZFhd4ylsSlSW6Gm3iQcotxbLHcFQuic8jbyNkKD5-IlK9wzrNx1EcDrOveiXOds4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPITm0Jp_C9v4NoqCK0AuMCSJOoJgv9ZFhd4ylsSlSW6Gm3iQcotxbLHcFQuic8jbyNkKD5-IlK9wzrNx1EcDrOveiXOds4
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPITm0Jp_C9v4NoqCK0AuMCSJOoJgv9ZFhd4ylsSlSW6Gm3iQcotxbLHcFQuic8jbyNkKD5-IlK9wzrNx1EcDrOveiXOds4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires
0
pixel
cm.g.doubleclick.net/ Frame C18D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-...
0
0
pixel
cm.g.doubleclick.net/ Frame C18D
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDysRdyc9a-eESzFU_Sze68&google_cver=1&google_push=AYg5qPJSxhTTb5bs0YiZLIOm...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSxhTTb5bs0YiZLIOmJUZKFCahSHtIn5ejQKNk90SvNST5wjfmjuTW3qd1RGXy0wzr7M8q0beVgw4IdQ8u-bNWYyWrfOLZ&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSxhTTb5bs0YiZLIOmJUZKFCahSHtIn5ejQKNk90SvNST5wjfmjuTW3qd1RGXy0wzr7M8q0beVgw4IdQ8u-bNWYyWrfOLZ&google_hm=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSxhTTb5bs0YiZLIOmJUZKFCahSHtIn5ejQKNk90SvNST5wjfmjuTW3qd1RGXy0wzr7M8q0beVgw4IdQ8u-bNWYyWrfOLZ&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 23 Jan 2022 18:47:38 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C18D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3Q1ziha5dKfrjYnVZy8N72uk0hagy9L-XhzVyLzvk6ePYZSk57aLKQeDDzsCX9xFUOBIwgw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 0A00 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQEIRb9mOaAxrtHJaYN2lLvNFC9BSpVOdi7DHJy_VRU4ilwa613EUu5OC7073hP7fLdG1WW2xX-iR00LNlLPiCVdd4RafIJtO5wSz_EjzaOh_LN3EEcAKBu3j3YEXuaenS6xfzFAW9AZojK-OUBmNq5_lRW7tG6lVg2_lDcCWVTkCNzhoOZL9CZDJU6O2Fr2YEpOgNlzYFPV-n8KhD0J6XpCvWNMg9-PXXnWzJDgPRkc2BwpCQY47xynvULFqnextkDfM11tEi9nrhC91eD_m00a40y9FbCxlMg0eQqOzaZfWI-uopcTa7__lDOFPt&sai=AMfl-YTeLW8TPcAkM_E37nvRxa92rjamKfsq1eLuKiq7Hxts84cujGf7YroOI6TujE50NNMPLUHXfehQN3dpBVYm0jwMt4bFTJtv-NfWzB5I6cFH08wuspLDOcS2DurPz_k&sig=Cg0ArKJSzBO305PQFNeKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A00 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8953041492648340&plah=dailyvoice.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a86a432bad49d7b506b4887e3e636f3fa54f1c931bbba5934c12a0bb0eefd7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8975
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C72F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7oMsy7kqCrJ83-lnMh7QeP68_9Aa6_KcZWUD4jdfEUci5sIBUdYJ0KfAzLuqybU6AK7gSORDnw8qaRjZjcM_EAiKfv0d-ht0HI24OkKlPnz9ltkL_&sig=Cg0ArKJSzFheQp5EWFM-EAE&id=lidar2&mcvt=1057&p=221,506,311,1234&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=501843007&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643050054997&rpt=2770&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame 0990 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=52612369&csi=3eHuPCeTxuz6wj6jrB8s5OXTxuw17kbl5PtqAqkqImEJDwKV3Zer3AnINvRKK083Z5D61oYuhKj2xvIWJpl6ON6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90009.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90009.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 137F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=df89f83c-2d3a-438a-bc2f-ab75cafcba0c&expiration=1650826058
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:38 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 796D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=600&slotname=4818556260&adk=4118982070&adf=366370288&pi=t.ma~as.4818556260&w=300&psa=0&format=300x600&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050056919&bpp=3&bdt=1890&idt=422&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=2&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=1791259828&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1196&ady=432&biw=1600&bih=1200&isw=300&ish=600&ifk=2683811075&scr_x=0&scr_y=0&eid=31063751%2C44753740&oid=2&pvsid=4022265781398971&pem=146&tmod=1306111432&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3lm0hel3u1y4&fsb=1&dtd=761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame D652
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b4f01ebda7eb2be7223010ef...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
49 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 24 Jan 2022 18:47:38 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0A00 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BFFC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxaSvIERgukQzGWBrCufd0t2Oiy_YXS12wmjiIDLGyaVCTVt5IFGxOX44Mwo-PsXXoh_AIoCUY2OgxOuw9B-gfhvs5sRKZDJu92pLMcScJ397SSxyokxJw5f_P_fB6mvS1b01vgH7qyrcQpM5GvaEFe_ecKoe6-X4lTsQZhTRoIEzTSeaeWaJw1rygi-iv5ytj5uKupDM6h-zn0YDl6XLMhU6qVIY17Mjiu8mBTWINiKvDJ1EDieaJkNEpfQLy_id_dJRSYxHJvMo4Za476MXuhSit9megE-LHAobdLKKIOniS-OQFQFWopyY&sai=AMfl-YTTBGGk4NqApY1WzRcWSWEKjUaXiZYZT4FtH02OWVGOOIkpVbVk8HJPVg7hmKgAGurMTtXFu2XtVYzNCukFlbndqW5f0dzh5lS0DReBpBDqD6IVjIW7Xb6Gkm9JacE&sig=Cg0ArKJSzFlzKMoBvjgzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 24 Jan 2022 18:47:38 GMT
10785504.js
s1.adform.net/Banners/Elements/Files/169192/10785504/ Frame 744F 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/10785504.js?ADFassetID=10785504&bv=514
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
89f76ae03f66a1bedfc47192fabc3edd22478b0ba026e644efb91fd9f15e8ac4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:38 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
W/"61e6d412-1a7b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 873F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 14:57:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 486D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 24 Jan 2022 13:26:12 GMT
expires
Tue, 25 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
19286
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 873F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
149d49fa9c559a6b0def7e9892dc9f07d79ab8ee0a41537b79db13cb74406997

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 064F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jan 2023 14:57:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 151B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 24 Jan 2022 13:26:12 GMT
expires
Tue, 25 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
19286
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 064F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64f9ef2d93334d89ffcde227c0d6028edb397752937f37f191f65141322f6a43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
300x250.html
s0.2mdn.net/sadbundle/5355067994831585280/ Frame 8B6A 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f35461db2c17aa2f5e97ded737d1a4003d0ce7445777967353401ae081953b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:39 GMT
expires
Tue, 24 Jan 2023 18:47:39 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 08 Dec 2021 14:50:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 873F 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBGsMOVWfzW1jutiVRdYMMpMxAxxKP7MZKFATecQ-nnonlQ-QAGuTJUVXPJUj3GVFhJaLeiJHR1gALzP7-Wj128f4D6a0VJWA4PH7I0VbzQ7wyIIAMnCVTfJADVTmfo_HRfSLBlf95IzRsAkL8vgZott-wvOwW8FMhsUvGIrx4T6IyfMDXryyYohF3kZYlVHc8fyI4LJbT96_B0uW2Ae_IvJbK3TaN_raJLg-X_Rvy1Ql3M6OZ6IhxKYDBOahlEBEuBksLYn0z49-g58ildpQkdtG0dOUXeUJkpMdMu6octGWGrUdjtiqaIIDaAW5WjMTIPkn_c1J8fLcvBmJfu-R103BmMfMhL2WXUJLuaZcpXV2XbxKhurvmDFBdPKeHTHv6bV-lquWtnWZ9PurOUivF5BhWwLUu9eD56SMpN-WDbvkvT15UbYL9FGowM8fbiMwHOSwvjFjO-60m-zyvkiFZyKMoJsI5trpodP4hk9kIo1GhDSI0ANwIQE-te3z-fR2sQgET926aVhjSU4DAJGFvvdJsIJ2VkGxJ8f5ku5kOfiERqCnOXCuFtQHsKaWfx96Zp1P77k0ev30aRNYa9RgpW6vMOH3HV2V4OmhLMmCUZ1oidK5Nte-MdblsuiN1UvxsGudcWsZtlZzYyLfCGCNadyV8DFI2pnRethkJHCiS-EDSEqQmQ6_XMExlX5HdylATp6W8QQ4vicb3ZZcehITZ9QDtjQhYyyyHDCa5XEMZZqNx8-STLk-a6KOh-vHYL-TGy8yTZ1ZkM0tlSpXCjvxyMI-Azxr7wFEbJCU3o-63SCoBuil7NCQYVipJQRfBaOjtTsjv1FDiqi-MIFSO3FQh_vHDMgqBT_GpusuPqbREL6aueiww0kgm14g-3xmA6y6kSDgASREnTlUxw9ieuJGFIXGDuf-OwHDEvWPYcZIhPDpRTL2aV4ZC341dvXl27ej-QWqEPn4zL2GA3cJY_1B2MWKWQh6h2yltVlirxn9d24DoWEkk_sUGRBtUlhcydE23_cCpSgA4T1T0UMGSfl1fUnkQoilZF54bVW9Ab31OF-a-HFWcDwHmQBphJclXDOgbRVgVuXubi29KxmiCUZZoShOb_q18es-yePiQSbw5WdabybkbdmDLnY132zmotqTnY9YbXhiN0e3kx7cK3wo61YFXrDkMDr_Mo2ofAJqKuHJnmy2pHUancyrrFJBQ3oj54NzlwTw7AKuPXDtlxsDM_E7LNea1xpz-MhZe&sai=AMfl-YQG36eSuNV6lQg1TGRR87NrJTWZN4J_TtOUljuHpboy-pM3X_UAq2X4cVaVYf69-VieoZ9psJIdNLcfJukDNMssjQEO3Ha3CL95l9e4di4-aNXy1si51jaeSEgD17g4NQh7TXB7ueOoAd-10jjBZS3ZrczQig&sig=Cg0ArKJSzHruuC0A3l0kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=238&cbvp=1&cstd=233&cisv=r20220119.47435&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 24 Jan 2022 18:47:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
728x90.html
s0.2mdn.net/sadbundle/12685700891219591168/ Frame 4B5E 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2830ac99b8ad892b0a427e65db7776edcf563f89af516a3c9a9dd2d613fe4f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:39 GMT
expires
Tue, 24 Jan 2023 18:47:39 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 08 Dec 2021 14:50:35 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 064F 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOJUXJrYhrRSVMkZLihwojyuf79NsReuC-nvom6lMuQEnosZIjJggdjyo97y5oA4DdIye-me2D_A9kAzJtP9qR9di1yVf6AU8MukMVQGbOWzPvOSNezHdq7hEGgSZeqTh3QIVKwhMF8WBl6ElXsF0xYc--FS_hnT-EgzlVAU3GdAnulDavfZ-S1nCBfSQZunao4Mhu8S5iB11hA4RQK6HwI0XcQQdszfrwwzDW3XLN849dZqrRKLJtqk8egGWB7Twu8J_tHfge6kgf0zaDqT1BCHWt_EBmQnGuPTzno15MO81cVZMforidZgbDOKfUT26XDhQlAf1Ecah-Tj5fynTOasylicA5aycTw1fUtFtNU8jl465BcKC7v4Nmo_6CnBwHc71Lpg0O8qUnF45vxpTv31N65sMIsYkuV09IHwIiEFJC4SlgHZy0HezRasEeEOxzErhYrWWXoF5ILgfvop3Eo_BdMnQTD4vaZLrlyftPTEiQAJ2y3MZD3Mv8cn0UmNKSvRi0yuUhqJrld6x93T1EYjDBm1kVdHlmrYjazbeNy3DcsJw7gaWrcS6qjQIJvLGd8ETQKeG7Z6iEgTGJVbXi8MYUtVEF78-c0e3lh1MAkiIPIWmnKLIF3UlL1DGG_tOB8JbyQCa6H-T6JYqaQg5r8ewDeFgcezMXU6u7722UFD6BG1Z2XFtMyVfJSRsYVP8IizD5WcNVoOY4XROatsxEQYoQXHTQPd4L6Vc6Y68e4kyYT2IN0HSBJckKx1ami_wOqSdv_Pg5hiBS3kSGk_xSJt6zRhK0ViCKjGOjmB1_RQh8ZUfVXeIYA2s8v6jysacHNMw6YJminmfDOiLWtZexgHO8LEmq22L2bu0Re9_aOPRYLtqOIrDoSCpkyvKgQk-WlUsxb_6mP0Z085v5uTES36dXRIerGST_7UWY9BTf3M8iXA5-fyXPKrsMKlnjbXJ3S1802zZd-xbKJty7BUVB1VBuzdKXMiOn_XswRBGcjxnihIOAaU_GEolgtOsJTb-xcpUsrmEMwrzdGNsFBznHp84MBsp1_WNib2V4VfK9I17cy2r3K_pql42qjLy1Jef9-9RNaHkiTii9SbVLjy1vp-x1WR1lZmAt04laAuFHMy_l4aLiIKkdEBpgFWsj3c2NCVAKMRdKkSqXmFM3WeSQRsyaOzpDcmmfHTkOjRgpZ6azSptHzyR2jf_EMkCvOK-FbTotdgk0fPQKjtBfIFj4kbgW96OEnuXR&sai=AMfl-YTmA6KdphkhRaJip1rq5OP23JYR6cem2huTbUH9NftE3zE7rsnPDE32ApZvOv0Vziw2SsVx5ordSoC6JUPPmQCq9pVx4VWrcbGwTli1qctBjKSukvNR0KzAOPG17vg9uR8TFLLY0o4foeR78wXGA6s20-QnQw&sig=Cg0ArKJSzHmglayvnbRgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=1&cstd=226&cisv=r20220119.83849&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 24 Jan 2022 18:47:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 24FC 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 23 Jan 2022 22:48:42 GMT
expires
Mon, 23 Jan 2023 22:48:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
71937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 20A3 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 18:47:39 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 744F 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
logo1_linie.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/logo1_linie.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9a27a91735c20cede858792e56fd102b737121e9bcf3f8828a474bd29b04a4b3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-b0d"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2829
logo1.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/logo1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8a728b85fa0266dd77fa39b1d54e70ddbf8df97af43a9526cd642e728293a0bf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-1bd1"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7121
bg.jpg
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/bg.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
61fa877a2eb08848fc18f3934188a0d1d25dfd4fe1ce4465566a40d0a761c391
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-e068"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
57448
seite.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		146 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/seite.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3b1ed2523bbc2f9a6104ebfa1bc52bb036b8c29c4eba0bfc773bbfd374a07204
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-92"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
146
motiv.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/motiv.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88e1c87aa59866b55eba6998e6c504a290c416d513789b4fe1ec41b0309759c4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-fcdc"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
64732
txt1.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/txt1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4299de902361fbe5021214a37e3478ca3a87d41429ba86dae64a0611be10bb0a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-7a3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1955
sto.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/sto.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6c8f9e5018186e979457e0284b0a52c7a3840f8516c653946aa0c532a217ea8d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-1566"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5478
legal.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/legal.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
783e94e9ca1a677ce7676bd1f5fd232450198ed478fd8cf61cc5e22808268d5b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-ecb"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
3787
logo2.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/logo2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a349c41ab949b2ec3028f59bf28f4ff0098d99546bfe2941fc28e2992a87c279
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-421"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1057
cta.png
s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/ Frame 744F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/10785504/bvpath_514/images/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06ef2a107f1ac93112d43685d67961d9cc311d0144d64c99caa67d7b58394d3b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
last-modified
Tue, 18 Jan 2022 14:52:02 GMT
server
nginx
etag
"61e6d412-bae"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2990
w_480_00003.ts
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		315 KB
316 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9077945f299e3c85700a9cf2ca08c49af69875115a81be6486692c523dd96ace

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
322420
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"4357f6e785e9f454fc0f0f56733e544a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Y1ZqJriqWR-9kxUBN-vuMZAjGD2ioKpxtfGscfWgokLQHfQbhX2xEA==
expires
Mon, 07 Feb 2022 18:47:39 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D9A0 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 24 Jan 2022 19:08:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 20A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A73C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 14:57:35 GMT
expires
Tue, 24 Jan 2023 14:57:35 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
13804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5DB0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 14:57:35 GMT
expires
Tue, 24 Jan 2023 14:57:35 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
13804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
u.openx.net/w/1.0/ Frame 0D9C 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 24 Jan 2022 18:47:39 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA8B 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53789
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:39 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame B9E6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 24 Jan 2022 18:47:39 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F92 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53789
expires
Tue, 25 Jan 2022 09:44:08 GMT
date
Mon, 24 Jan 2022 18:47:39 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4993 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jan 2022 18:47:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
user-registering
ads.stickyadstv.com/ Frame 20A3
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=eff99a1de6427afe5dcea78756b7ff9&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e5f57_7056846256211501085
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWZmOTlhMWRlNjQyN2FmZTVkY2VhNzg3NTZiN2ZmOQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAXMWghxRM_s3R1ek1xzYN8&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=45b3f819-9c1d-422e-b008-efa913aeeeb1
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/eff99a1de6427afe5dcea78756b7ff9?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-xW.pcK9E2oO1f7WmU3cntx3PQBgvF8hSEBOG4CeY~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8766712360259569763
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d94061ee-f447-4000-9c05-557f1997fead&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=IlPSOnrm1Nc4np5&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Ye70SAABBy83WABH&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6472559499329098849
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
0
0
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 20A3 		85 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643050059.211598,VS0,VE89
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/57304/ Frame 20A3
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAxYWQwYjE3NS03ZDQ2LTExZWMtODdmMy0wMjFkZjBiNTlkMmE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEN51s6Ia2YoPwUks-4NFIaU&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEN51s6Ia2YoPwUks-4NFIaU&google_cver=1&apid=UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEN51s6Ia2YoPwUks-4NFIaU&google_cver=1&apid=UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEN51s6Ia2YoPwUks-4NFIaU&google_cver=1&apid=UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
date
Mon, 24 Jan 2022 18:47:39 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 20A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=45b3f819-9c1d-422e-b008-efa913aeeeb1&_origin=1&gdpr=1&gdpr_consent=
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=45b3f819-9c1d-422e-b008-efa913aeeeb1&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=45b3f819-9c1d-422e-b008-efa913aeeeb1&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
img
ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/ Frame D652
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=9c91750d26645f40ff5cb155db81f75d8d13f41363ee2a28746a420310362e7a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965...
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?uid=9c91750d26645f40ff5cb155db81f75d8d13f41363ee2a28746a420310362e7a&tpid=38&gdpr=0&tpuid=CAESEDLy4DIdeT5BYEfKU1lO5ZE...
49 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?uid=9c91750d26645f40ff5cb155db81f75d8d13f41363ee2a28746a420310362e7a&tpid=38&gdpr=0&tpuid=CAESEDLy4DIdeT5BYEfKU1lO5ZE&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?uid=9c91750d26645f40ff5cb155db81f75d8d13f41363ee2a28746a420310362e7a&tpid=38&gdpr=0&tpuid=CAESEDLy4DIdeT5BYEfKU1lO5ZE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8B6A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 12:03:55 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8B6A 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 18:47:41 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4B5E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 12:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 12:03:55 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4B5E 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 18:47:41 GMT
pixel
cm.g.doubleclick.net/ Frame 486D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENpqldn23BUmNCsjXLl1WSo&google_cver=1&google_push=AYg5qPJvCzsPGdoxJQsSEGDIgEkglvALxWNm1EB9lY4tM9wbs4yDGNh-rd...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJvCzsPGdoxJQsSEGDIgEkglvALxWNm1EB9lY4tM9wbs4yDGNh-rdwWPIgOWgRLQE4XrnEiuHbO6FpnUn8tL0x9pRY7HzAH&google_hm=HbQAUT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJvCzsPGdoxJQsSEGDIgEkglvALxWNm1EB9lY4tM9wbs4yDGNh-rdwWPIgOWgRLQE4XrnEiuHbO6FpnUn8tL0x9pRY7HzAH&google_hm=HbQAUTp5cMURnEY84Rsr8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJvCzsPGdoxJQsSEGDIgEkglvALxWNm1EB9lY4tM9wbs4yDGNh-rdwWPIgOWgRLQE4XrnEiuHbO6FpnUn8tL0x9pRY7HzAH&google_hm=HbQAUTp5cMURnEY84Rsr8w
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 486D
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKEOt_QBg33GuRVQ5MTPeJP9vB7PmS3NfKoirJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWU3MFNBQUJCeTgzV0FCSA&google_push=AYg5qPKEOt_QBg33GuRVQ5MTPeJP9vB7PmS3NfKoirJwQ19LPtjEn7KfhgSIXGCpIXT5co4vas2vVaFTxAkNTiExpwsrXxmy4EQz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWU3MFNBQUJCeTgzV0FCSA&google_push=AYg5qPKEOt_QBg33GuRVQ5MTPeJP9vB7PmS3NfKoirJwQ19LPtjEn7KfhgSIXGCpIXT5co4vas2vVaFTxAkNTiExpwsrXxmy4EQz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWU3MFNBQUJCeTgzV0FCSA&google_push=AYg5qPKEOt_QBg33GuRVQ5MTPeJP9vB7PmS3NfKoirJwQ19LPtjEn7KfhgSIXGCpIXT5co4vas2vVaFTxAkNTiExpwsrXxmy4EQz
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 486D
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJF5jNWTYz8rPp13FyhOMYTuHV5yp-JDUJCqGtSAnt3zUSmxvBoVvz_2WJcCYdnP0ZZ33vu2t8V4nc3Z_Sifq7KpAh_WI6_&google_gid=CAESEPv-m_5P_zP_m3eb5GGK2M8&goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUtSS0lUeEQ2VzJKbHh4RlpDS2JXYXhuV21YLVpVSEhjUTJBSE9CTlBTdw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUtSS0lUeEQ2VzJKbHh4RlpDS2JXYXhuV21YLVpVSEhjUTJBSE9CTlBTdw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 24 Jan 2022 18:47:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTUtSS0lUeEQ2VzJKbHh4RlpDS2JXYXhuV21YLVpVSEhjUTJBSE9CTlBTdw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame 486D 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPFWEL0oAS21aon6lx0I0eA&google_cver=1&google_push=AYg5qPJAdwxAtYPzzKcABURKSSoSZp5fLnGUCP8ARpDcy3Rl_Pp4gYy38BQSc-lKJaoJLrnk5_-W8mMk-JkH5sB2Z9T78l7imPU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sdlrc4rac605i1g8ss9s6c72v9jcvomk
pixel
cm.g.doubleclick.net/ Frame 486D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPICZQIr1ys8uSv8B26feWWoCqSfiMcap1Fo1RbtKuOlRU1O7oW7NgUqWBj_6I5SvUz_jYstGuhmd8Z0j703p13u7CqlPUIy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPICZQIr1ys8uSv8B26feWWoCqSfiMcap1Fo1RbtKuOlRU1O7oW7NgUqWBj_6I5SvUz_jYstGuhmd8Z0j703p13u7CqlPUIy
date
Mon, 24 Jan 2022 18:47:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 486D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL0k9Fjf2yUy3HXhYT7lmh4&google_cver=1&google_push=AYg5qPJBsiJfKQZybXSwI2pwHQ50epUWWHzoQ6qmMM206jfHYZcqMawtwq3F61dKAYQjH-Ym2CE...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJBsiJfKQZybXSwI2pwHQ50epUWWHzoQ6qmMM206jfHYZcqMawtwq3F61dKAYQjH-Ym2CEXcZz9L5ssR2EzJiHyetwRqcc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJBsiJfKQZybXSwI2pwHQ50epUWWHzoQ6qmMM206jfHYZcqMawtwq3F61dKAYQjH-Ym2CEXcZz9L5ssR2EzJiHyetwRqcc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJBsiJfKQZybXSwI2pwHQ50epUWWHzoQ6qmMM206jfHYZcqMawtwq3F61dKAYQjH-Ym2CEXcZz9L5ssR2EzJiHyetwRqcc
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires
0
pixel
cm.g.doubleclick.net/ Frame 486D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgT...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 486D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5h_MQioBH2nXCwURQqX22lO3yiZnukmsX4bil8y0aKiBHrovvNybrnoMXcqR6tEwMfh5s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 151B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENpqldn23BUmNCsjXLl1WSo&google_cver=1&google_push=AYg5qPKrXqAM3QZb8piilLe3qUoOLaNm9foMtaioDfF1XV8OgbikgOij49...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKrXqAM3QZb8piilLe3qUoOLaNm9foMtaioDfF1XV8OgbikgOij49RQgCmrTekMXrcgxlA7akkeEXQ8IpkcwWApaWewPnQy&google_hm=HbQAUT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKrXqAM3QZb8piilLe3qUoOLaNm9foMtaioDfF1XV8OgbikgOij49RQgCmrTekMXrcgxlA7akkeEXQ8IpkcwWApaWewPnQy&google_hm=HbQAUTp5cMURnEY84Rsr8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKrXqAM3QZb8piilLe3qUoOLaNm9foMtaioDfF1XV8OgbikgOij49RQgCmrTekMXrcgxlA7akkeEXQ8IpkcwWApaWewPnQy&google_hm=HbQAUTp5cMURnEY84Rsr8w
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 151B 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDwoa0A6VG_GZaipzytENmU&google_push=AYg5qPJo5ZzMZXqApsmkjjAN28QR0NOApFDnaqGaKt6lRoKjv0rKUtBqaSBOMjQj3CyqGy-GXRKqCmWrD6csk732rFzVwhCju5RR&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 151B 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPFWEL0oAS21aon6lx0I0eA&google_cver=1&google_push=AYg5qPI6gk-VWQUkcYUbQDWDww2GQ9zi7F1scQzRYlUg0u7JortND9KcvxyFMUnUIdPBjAC0r5MN1jiGbPF4IywiS0tUmXOIAhbq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hqsepg5kagr7tf22ijqbn5u368ubfdmi
pixel
cm.g.doubleclick.net/ Frame 151B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ1ZREqdjJy8o2RtZNBQOQ4LRUsbRMfmUGl7whiCFMmZ5vaOAOgvaO-w9Egij-sZI6lehltfJSvALNBB8n83yKzsA6z26gT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CuHSlCsuQX-gEhUKMQxQ5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ1ZREqdjJy8o2RtZNBQOQ4LRUsbRMfmUGl7whiCFMmZ5vaOAOgvaO-w9Egij-sZI6lehltfJSvALNBB8n83yKzsA6z26gT
date
Mon, 24 Jan 2022 18:47:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 151B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL0k9Fjf2yUy3HXhYT7lmh4&google_cver=1&google_push=AYg5qPJgCzTTsCMRntZGF48h5KrphtbRecKLtKadcljTdCqB_byHzR3VVZQD4-vigXz6B0DBQSt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJgCzTTsCMRntZGF48h5KrphtbRecKLtKadcljTdCqB_byHzR3VVZQD4-vigXz6B0DBQSt7WHUkLT8NOO_IUIFvEkCTnI4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJgCzTTsCMRntZGF48h5KrphtbRecKLtKadcljTdCqB_byHzR3VVZQD4-vigXz6B0DBQSt7WHUkLT8NOO_IUIFvEkCTnI4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lUMUtWS0stNi1GVUow&google_push=AYg5qPJgCzTTsCMRntZGF48h5KrphtbRecKLtKadcljTdCqB_byHzR3VVZQD4-vigXz6B0DBQSt7WHUkLT8NOO_IUIFvEkCTnI4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires
0
pixel
cm.g.doubleclick.net/ Frame 151B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID...
0
0
pixel
cm.g.doubleclick.net/ Frame 151B
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDysRdyc9a-eESzFU_Sze68&google_cver=1&google_push=AYg5qPIPMDt3kURMyEr__6M1...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPMDt3kURMyEr__6M1B_k4aFEnnM5xqB7RnbPUVNct76RxHvDL0uIBC8XWG_gQhXsqfZ6SEBYlZpv_cGm_aL20qTax02dkQw&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPMDt3kURMyEr__6M1B_k4aFEnnM5xqB7RnbPUVNct76RxHvDL0uIBC8XWG_gQhXsqfZ6SEBYlZpv_cGm_aL20qTax02dkQw&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIPMDt3kURMyEr__6M1B_k4aFEnnM5xqB7RnbPUVNct76RxHvDL0uIBC8XWG_gQhXsqfZ6SEBYlZpv_cGm_aL20qTax02dkQw&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 23 Jan 2022 18:47:39 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 151B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kt8iGlMTUnoyHgwj8TtVzBBFpiMihWoHoSGl2GtMwdseH-6TlESotYi_hk5M_yXDq1wzvvVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 4993 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17646
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Mon, 24 Jan 2022 23:41:45 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9B41 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8b18eec0228b4cd0118e2fd1b53b3d69b1aba4c5e11fcf5643d67ab9e263e049

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
130|65|111|64|123|13|47|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 24 Jan 2022 18:47:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Content-Length
1483
Connection
keep-alive
img
ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/ Frame D652
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644c0ab38cff055c0b6b8%2F1643050057122%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=75&tpuid=8766712360259569763&gdpr=0
49 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=75&tpuid=8766712360259569763&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 884.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c03abb12-7e50-40f3-96d6-196e1c58300b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/img?tpid=75&tpuid=8766712360259569763&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame A73C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8B6A 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6857c0a267718a1c41dd8fc036b1b68b043c6efea94aa121cddf8b0f4215e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4884
x-xss-protection
0
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 5DB0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B5E 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45746e9938150a5df1ca2555baabde94a50a05e86f911903923ebbda06d0328d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4845
x-xss-protection
0
ie
match.prod.bidr.io/cookie-sync/ Frame 9B41 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 9B41
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136459&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136459&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:39 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643136459&gdpr=1
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame 9B41 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 9B41
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1645642059
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1645642059
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:39 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1645642059
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 9B41
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZnU68Y-aTbh5Rnxlfbp241QTr7g
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZnU68Y-aTbh5Rnxlfbp241QTr7g
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:39 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZnU68Y-aTbh5Rnxlfbp241QTr7g
Date
Mon, 24 Jan 2022 18:47:39 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
indexexchange
sync.adotmob.com/cookie/ Frame 9B41 		0
0
crum
dsum-sec.casalemedia.com/ Frame 9B41
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=IlPSOnrm1Nc4np5&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=IlPSOnrm1Nc4np5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:39 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=IlPSOnrm1Nc4np5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 9B41 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:39 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9B41 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ye70RiWLROK0s22WR3QvzgAA%261108
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://dailyvoice.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-254-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:39 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1629
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 24 Jan 2022 19:14:48 GMT
w_480_00004.ts
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		353 KB
354 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
36d86cf56116d71d7ffa922793f0dfaf527e1d20fe6bb678f9cd8503267a504e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
361524
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"69201643de253ad9a68be2b6051061d1"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
f69_cS8lE6L1jjeoVIe6SZtHRLkSC1Q8CLBldcPCKPTylDZ460RZ6w==
expires
Mon, 07 Feb 2022 18:47:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 24FC 		156 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F15184186%2Ffreestar_primis_adx_video_preroll_desktop&description_url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&env=vp&correlator=2689092277855688&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dspeczp&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=928884576&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=C2BBBEFA-29F2-4D2E-B41B-E6A59EB176E7&nel=1&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&dt=1643050059595&cookie=ID%3D67a016e634d44819%3AT%3D1643050054%3AS%3DALNI_MYUjAFxaJ7tcRc-VAG1C7JvZZ_IGw&scor=246050509188261&ged=ve4_td5_tt1_pd5_la5000_er758.-1810.911.-1510_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/ Frame D652
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=da361e87b62ec71d2a5ef969006a32dca58cd40318dc985c7a2810115e606e14&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=da361e87b62ec71d2a5ef969006a32dca58cd40318dc985c7a2810115e606e14&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F965e2bc6793644...
  • https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/js?tpid=48&tpuid=5237b11baa219adb71f4761b09da6af6
44 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/js?tpid=48&tpuid=5237b11baa219adb71f4761b09da6af6
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5b48009d1a7e2cd9f9ef91db264448702f403bea4881f09e78fd99a8b1e55247

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 24 Jan 2022 18:47:39 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/965e2bc6793644c0ab38cff055c0b6b8/1643050057122/0/js?tpid=48&tpuid=5237b11baa219adb71f4761b09da6af6
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
w_480_00005.ts
video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/ 		381 KB
382 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/27808/video_5e6e03dfb5313399300332/vid61eb77a94190a236910800.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e07f63e1e0f319988b42292430dc5183adf8e3d9ed17b2ec8a32b2d564d9ab31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
via
1.1 7397dc13d196e27b3019bfb89d105ec4.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
390100
last-modified
Sat, 22 Jan 2022 03:27:53 GMT
server
Tengine
etag
"5fbc365dea3b831ae40911dfd814e514"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
e_wMZlySiXxb_q5iGFv_8-ID5rVtE5CdkeEHIlFnx6a2v0zM_A4tLQ==
expires
Mon, 07 Feb 2022 18:47:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A73C 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7rrlSvTuYcGUI7bX7_UPnZOKcAAAAAA4AeAEAg&bg=!6-il6KzNAAZ_DxPPfw87ACkAdvg8WhSD2AAr-G_BYM2Tb2reqrGR1yP3x_X3DE1_NLMGtCsxzJx1UQIAAADaUgAAAAJoAQcKAD4-Iqccp7ggzAugy8DINTaCNGopkIMfIDCusjvXJgU5CGbKZqjfIdpGbTAwzCiiH6cnLnoMmpDg_cxPyFavbpkC_T_guResd3I60ul_eFSRilU2H_3Ue5F2DSdMuddnmfvJxWpzBd7mMh05XQNJYeSY-i5NJ6MkQTyMRYgkBWPBSBLn4wFXjC-2cbCm7T7_Er7cYkQzRFyrrPOzUYaD9TpWljQdsvcx5m79V4UwM9VFsr9pkr3IJZzFxOcxm4OM5qQTh5qG8JQo-qf1Q82maz5ogvEePzx8zEobrpJhAfHPmflkMrYrsr5nXzdirar1ff59Z4NGgHx3rgnZoXIs8MpDBQFKDCfOqqSAFwRaDbUpUh9xAEoybCGtv2KBtfzZKa9AeA0Vl6FJqpjpj8pMkUUpWMXkgkBrgWgLbMti29wJdKAIhhnqLlpwVRxJu4NIiQo3eoNO1OYNZTId50JRi-SUGeaLCTU15AcyzoMwjbCpJEdDvlRIk5KdbdKjewiBpQ5cNXdXdVSXsce7DhC-enZTkMT_Rp7ir_iVGRLeVYdTGOUw1iH6UoPwXRtSJBUFjCxSMOYErP24Tku5f_OYYbxzgY72zsplm2hq6qKBrdnqJRQzY4SrT_NU-lEqyd-emjCKWiFQkEFIZb5CmZjVTZMWEg6QVvh3Esgz2YitF0waBpTx6eszGAAhiXJX-TEeXmSn62qzcB-qxXmr1ijzscoBWYOqvvmUZCQBZTCwII870UFmboWV813ZgMnhkt3AJkN4liI2Ec-NjeaAbtWhjegjCQ8BzLgYFaJJ3kARSwnuKyYx9KgLR7gcJWPhOo59y37KEJzqjPGNNOQ9ywLgttJKLIEo6gA13eA3eh6neUYqJXFVNR5KHAOCYKedpIY3-SXac4nwoibxGc6iQuK7_Zk-pDUItpRjPOc4vBXUvqFQQh2KZggkoBuA_j_8gBKWecfzIU8-pKtiXnfRJUEr63E7CmxJ-PI0BlFZjf2HKszxOT3dpT43vHeUGLju3CjNzRU4vJHKh1_3ZTqJqWpLhyo8FJRyOiYtJxvRFR-QHQash0rbVjh_Syq_F1CZ1HdWJJXNtya4I0XBGrQcj042mA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=250&slotname=5109603838&adk=3838649947&adf=3416507686&pi=t.ma~as.5109603838&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057064&bpp=3&bdt=2063&idt=551&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=993130433&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1346&biw=1600&bih=1200&isw=300&ish=250&ifk=1060825709&scr_x=0&scr_y=0&eid=31063752%2C44753740%2C31064125&oid=2&pvsid=3142645142452341&pem=146&tmod=135528127&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xdee5uicclme&btvi=1&fsb=1&dtd=771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 07A9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLrsk48LaEvN331-if7vU82-yTw0lETUniwL4lrRop1ke-Gdv-yo20MekKDlKHmNg2l1TPAXJCd_bJELOtVrLwM9KSp4UkvKcGAYB-2wzBazgM-ZoBQQ&sai=AMfl-YRVB1CE7ObtCttekHMM8kPm5QraXHvTPJqf4srY_cMbUTEmaHmN6osm3auNaDFfF0rF6iC-j1y67zpNm3VS_vH4NenTvVpEqhAvdRkH0wlUE1J3YJIdDGV4bw4&sig=Cg0ArKJSzPYe57vghVbJEAE&cid=CAASF-Rogr-dvY3fIoiUQ_EwjAahL0h63hQ2&id=lidar2&mcvt=1003&p=0,0,600,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4118982070&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643050057682&rpt=994&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DB0 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BImakSvTuYe3aI6Ll7_UPot8LAAAAADgB4AQC&bg=!b2ylbCjNAAZ_DxPPfw87ACkAdvg8WnsuMyiv2RoSz-N4znfUiFKhx-rzcHooZwh3cESgShYGEiU1wgIAAACcUgAAAAJoAQeZAxN0uvoFrbMKbRk8mxkjW8xhnlt5bZbRcRxsr5ze4uqEc-ZJjuyO2CYbF363p2b72w0_1Mws9RG-IYGF0IVu7Wspo5sGd-HG-txJbGDQUS00ZMTBAbHT57nb6ytrpSctBuhVp4cHts7ioD7RBqgJISw58BqHWSuGMnZPdGhy9hCy2ngbzUsQm7ZnYEhQzEyND18sk0hbNxMPOuWW0JLNVpgPT7V4wLvershPuqWFArwp-OwXieUgS-qKp1HIdfDq5jEPM2o_KO8BGiuWZTLQBp8nhQ__zAJ1T1LM732NjAqs2QNr28MotY1zdNkgs62cHFzwN04wReUJsbkeZAr3oHyghty2aEv7vkKxHCNhTs_pChI3DNK2c4PbwGdalMTg7ND-4Tvbwii6KTAonreM5ptoTCOt1_FWc8-fZBguOl3B0mau2QhewwU1w6fR6L1f0FqO0zGOb99YAdmfCqxo5CkYT_9MHMFmyUQOo2xzspPDG5NaXueFz99LrEdbu2RPefROaefpmzcdqGZjY4cbkA7BlceAeSqa7pA5wpag8HNFG0ov3zCGn0mFoKYfVsp4IptNjORLKbGLTjF2NrnWxdapeI-ut8lYkX1DXFpJWsFtotPiZogmakJJe3YFBD2Tu_lPh3uQs9t_Bot8lCA0eYy7aEfMZzLeOXuFnk8rNWG2ipWilnQgu1fJ2i9ddS1OvRDW23GoD26q6cwdsTSCbUNAD8uuo1bNe3_jQsvbGKsGzBAgJDEcCQc5bq1CErXmYR-6OrpEsfRFQhyte6Uh46O47qNpiF2F2Jb7zfBeD34vKTb56J23xosrnquv0F7JIFmXpMU7YndsDaYgSLuHeMUGvkyU0NJ08JHi4xJs8b684ZRxEEtrGEcTTPA1gY9pLjgMwxCDthOh95B3XCGJe-dBVdPuo8yrmiz-V9QO5U4GA9iVNHMXY9ExLeQiOBCV278FO-u6JQHedRBurQmVzTZwsHUOoAXLGLzaE-5iYFp2Jr04oZF1l6lbQuzd7bSFb5LAIGTZ4TSWtAgzOcg0ZY4M3roX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8953041492648340&output=html&h=90&slotname=9819601503&adk=3430881294&adf=261812977&pi=t.ma~as.9819601503&w=728&psa=0&format=728x90&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643050057049&bpp=2&bdt=2052&idt=461&shv=r20220119&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D67a016e634d44819-228663eb29cd0091%3AT%3D1643050054%3AS%3DALNI_MYqaH1W0ZtEi7CWkAW01QSaJuoWpg&correlator=4710548092043&frm=23&ife=4&pv=1&ga_vid=1472240163.1643050054&ga_sid=1643050058&ga_hid=867758179&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=506&ady=221&biw=1600&bih=1200&isw=728&ish=90&ifk=147522887&scr_x=0&scr_y=0&eid=44753740%2C31064071&oid=2&pvsid=3269941735281418&pem=146&tmod=370750095&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ik0po0lc9eh2&fsb=1&dtd=758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveMatching.php
live.primis.tech/live/ Frame 20A3 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30312D32345F32307D7B7331363237333138347D7B4335377D7B535A47467062486C3262326C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B4C31303934347DFEFE&userIpAddr=84.19.175.184&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C864%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61eef44680d18&debugInfo=16273184_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16273184&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed28c9nkrqiplw&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10944&flowMode=both&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=dailyvoice.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
activeview
pagead2.googlesyndication.com/pcs/ Frame 16F6 		42 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuLkWk39Rqu_O2emiaPfKqukUWUZ9r1aC9iQ5-e6lko1F7Y9RdDt5Jxx0wREzKPWliMUoQ86zm8uMV-XOOTiAFbR4dw6R61yRCp9GcWnKrbjZv2m9ddQ&sai=AMfl-YQolU--u-E4ErfgcGGNy7IFWZyjzCnUk1nte2G9fqfQHTVyXkWFjeGUEffTe6Gl3v1LRfFQ8v9pye9rbbKZf1h32EQhqLIFXX495RIRJKIaVpbmsm6DSvGC1Y0&sig=Cg0ArKJSzCmBXQ0nO3BjEAE&cid=CAASPeRohXKtYAyxDLJ5-qn14Tx_hqE5uw7WkQy8uOTuusYoFPkgJ0yVlMMfLnPogUWVtNDLexmHRzLFORdqLXA&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=678&tls=1679&g=100&h=100&tt=1679&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1452319888
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0A00 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsta3Ez-gJ9_WZYOUzW1lIm4B15_ZodNib8AiEQmBmWXIheqdBDloqHMxRjj_IiRcFCLlpmGo6_FgIVl5QESEP9MqspN6kHmrOEoN2UKc4UX6POgNw2c&sig=Cg0ArKJSzDV4UpOZxjZTEAE&id=lidar2&mcvt=1000&p=432,1196,1032,1496&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1929677364&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643050055028&rpt=3861&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 142F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5960646341f6f6be7d2b19cae6a65b7f88d84645e43bb913cb029cdf3f2d623c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 24 Jan 2022 18:47:39 GMT
content-type
text/html;charset=utf-8
content-length
1292
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.27.44
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
activeview
pagead2.googlesyndication.com/pcs/ Frame BFFC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_topGBz6LWzsmTLLdToC87Ci0PtQwke03vKSaw54fBJeOvL0RxzbpYXXX1VPLJThJRVJnXXtSfXD6hlI2xHpwfnwqHnDn_89vxLL-N4yoYXmU0JI4&sig=Cg0ArKJSzCCZSFBmb1KFEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2210575059&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643050055114&rpt=3835&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sium
ih.adscale.de/ Frame D652 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.38.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-38-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 24 Jan 2022 18:47:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
usermatch.gif
beacon.krxd.net/ Frame 142F 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=7b5e473e169153a7619e0ce7c3ab424c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1643050060
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
qmap
sync.crwdcntrl.net/ Frame 142F
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d94061ee-f447-4000-9c05-557f1997fead
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d94061ee-f447-4000-9c05-557f1997fead
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.154
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Mon, 24 Jan 2022 18:47:40 GMT
Server
MT3 4133 baa842e master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d94061ee-f447-4000-9c05-557f1997fead
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Jan 2022 18:47:39 GMT
tpid=db80bd73-be08-4d09-94cf-74a8fe877873
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 142F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7b5e473e169153a7619e0ce7c3ab424c&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=db80bd73-be08-4d09-94cf-74a8fe877873
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=db80bd73-be08-4d09-94cf-74a8fe877873
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.54
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=db80bd73-be08-4d09-94cf-74a8fe877873
date
Mon, 24 Jan 2022 18:47:40 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pixel
cm.g.doubleclick.net/ Frame 142F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=N2I1ZTQ3M2UxNjkxNTNhNzYxOWUwY2U3YzNhYjQyNGM
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 142F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=7745894741315734165
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 142F
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/7b5e473e169153a7619e0ce7c3ab424c/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7745894741315734165
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7745894741315734165
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=345438774/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.4
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7745894741315734165
pragma
no-cache
date
Mon, 24 Jan 2022 18:47:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
activeview
pagead2.googlesyndication.com/pcs/ Frame 064F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbIUglahfi9-YIn0AQx3AUJvUCj2KtrBY9rgrMWwIwY-hF5rgNJaRUznD1Zb1OjatCDQleACDnwvEGJtglbUvX45rWg-wZIiC5hT8KEMd9fIa5FZaZ5A&sai=AMfl-YQG0mCZItLwDexIyQATHEVInSq84Nd5PhMQBQZ7TN3-1sB0xlqbIXE4iHlarxVuxZYSYESOQ8XNoS48H8_rQM3oAYKGO1T1Wt2e5-ULXHY-wHZ47RwNiIZIDQ4&sig=Cg0ArKJSzPm7UMQA6ynDEAE&cid=CAASEuRoj-8kUPFxqN6V5ULU6IPp2g&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3430881294&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643050057809&rpt=1339&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FD8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:44:02 GMT
expires
Tue, 24 Jan 2023 18:44:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5A11 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d06577b0d7b88ab9683b3677d1436d31927658d0c75fa09844b01bf3585632b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QRsmdn1/jeDuEcLO27k0OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 24 Jan 2022 18:47:40 GMT
date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QRsmdn1/jeDuEcLO27k0OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BFC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:44:02 GMT
expires
Tue, 24 Jan 2023 18:44:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B0D1 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
143c4855aed247302a3ae1b65fda486e67efa3b66418b6ccb2c0d2a85d2ab676
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V3LATd0uft+MC3AadhzMGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 24 Jan 2022 18:47:40 GMT
date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-V3LATd0uft+MC3AadhzMGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0658 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:44:02 GMT
expires
Tue, 24 Jan 2023 18:44:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8B03 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
670c73de60001a48f76b9ac4be9cf44f8a43b22f2026a235a84126ef37d59c0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vvCW4jWP6zLT1FF2lWgzog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 24 Jan 2022 18:47:40 GMT
date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vvCW4jWP6zLT1FF2lWgzog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9166 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:44:02 GMT
expires
Tue, 24 Jan 2023 18:44:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3AED 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1df02c22f8b34177c0d7e805fe3ee48bf1dc394d4e2f05172fc3aa6ac37d1d4b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n8HMchyOaFEXkLxnlRUlKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 24 Jan 2022 18:47:40 GMT
date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-n8HMchyOaFEXkLxnlRUlKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0479 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:44:02 GMT
expires
Tue, 24 Jan 2023 18:44:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C032 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
797febacd5d5fc92dc206cb25153ef066dbbd8e4c112ae1ab79f63704d3f354b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rrIaMay1A3R9mG2T891+8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 24 Jan 2022 18:47:40 GMT
date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-rrIaMay1A3R9mG2T891+8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E70 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 18:44:02 GMT
expires
Tue, 24 Jan 2023 18:44:02 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 451A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/da26078b-d3cf-4550-a9ce-c4de7c009cbc/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6b707c80ceba8c694402994f9f55dc99ef7eea96dfbaa161b3039b6564ad3183
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vIaqIZCbj2QrNN3J27GP8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 24 Jan 2022 18:47:40 GMT
date
Mon, 24 Jan 2022 18:47:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vIaqIZCbj2QrNN3J27GP8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011410&jk=650256725040585&rc=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B0D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011410&jk=3007220524383775&rc=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220119&jk=3142645142452341&rc=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3AED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220119&jk=3269941735281418&rc=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 1FD8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C032 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220119&jk=4022265781398971&rc=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 451A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011410&jk=2791918878648380&rc=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 2BFC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 0658 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 9166 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 0479 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 7E70 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
generate_204
tpc.googlesyndication.com/ Frame 1FD8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nytJwQ
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2BFC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mrmB6A
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 9166 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uRweIQ
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0658 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ICdpKA
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0479 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kTPQ_A
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7E70 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3UsA9w
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4853 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011410&jk=650256725040585&bg=!l5SllNDNAAZ_DxPPfw87ACkAdvg8WtWPZ_9_-NefkaraAfzH9n3hcJ_UJQ4xkZnUDS25BTZj4B8fUQIAAAFBUgAAAAJoAQeZAt4BVo3uC_atn-xENNWeHTaUuisZ6nA-WCmAqNc2xuvxXp96XVFpwib7z1_7zMqkKkKH3RnvvNr0qo2LgNa3mWRh6pWNp4JsKDXU_pK9T5RQ6QYWIJZPo6z-k-y14Ma1mBYhF2Q4h1jk7D1CZ6Qw-XigIoVQjT_-c4QEi6sN5FKOTFhoLwJ32c3ETY26VspOaYULit34VAYSQ1GDLwkBfFDK012bK4KZogkvxRjCZ2KT-Za63-TryHFJ0KyBOTWldJDc_fIkGADVqbo1D4mWO3Kaaxk6RZdM8o37oiiM5bhLXvQnAwLik2I9uW86G-vMUKiQM-qqQ1szVy53XMPw_R_9f1_ZGeCwUkpJXW8JDOwZsFktMAOSB6RaMRUAN2-gI_-43-Y2gLQj1B_eQU9qsm7f5dgDM66fnaW2ITTVJ7IStOtDNqOE-qCmo32HtWdjL6gh_8rYQ7KVy_wGU6KlcM6SPtZJ8mEhS52K3i9eQx4ZS4A9kLc4DpErN_rPIBcFfWOBLmDokeC9X6V_US3LH-rLY9jX3uH2by3Cg8LEhe_iAR_utp5elc7Ypcg8yLc2lDysk9HiL0nRLG10OTSbS6DuWLFRY1E8MmTkDSzmxKWDgHPbZCWZTYg99bxvNUfu-RCjJs_mWrsW54LT4LKEEd4JhdudWyafov3ImPNyslbeqUMBlmJWGKAM2dftLoEiImpijxVpSJB1wD575RSwYjfvCbbpxvdZYYxQfOvYTJYCD8JT4H2EjjX6_VLEeqoEP-dVuid7xG9P1VxjV0GA6V2vP_KIA-UUaz58KzokLEfreWyOOudbKWeRuym6bRu32EaTvFMTaARcOgyQVrHXoiLaTPTdhvzjLSqlDcRuu2_iamL-bXRXtbwBcw1cz2sew-zx_GjYmuupw3sIixBjNentS0j8Su8ogBNlWkohGjzLwY-Wh4SMAWyoXaGVpMQalKa595-XAnRt-g3mb3vTVA
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 792D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011410&jk=3007220524383775&bg=!WFulWx_NAAZ_DxPPfw87ACkAdvg8WvgIXWxvJtZfFheDzSOrV5lvnXChforaqIPTls5ahK1IzMlxlQIAAAF0UgAAAAJoAQeZAvIo-l8DxG2FDizcN4L7f_qdzBTg_lLDyHd_1frpqubGj60GKCx51NNtZcQBwZ7j9SQE0uONOTZXPuvsSJ_io_UHNNo9P2y6VZknNBMi1xUO-gIBfc-ncn7v_8YiHoDMO4hdtQ8IQxh3QgWeNGHVd1XPFcNrDYa3KuJ6AwYe0GJ90HRGYvIk6qeujJ4QJLa0cnaztvBhPDMCCgKqCro2lUXDmt6MKyFfGOUGNZfZ1pEYYf9_PHM-6EvTGeWEgkIuZxJBDRCsAk8MNKSlPwGbnpAma6vkZjT5sfpI3B09NC3lA-pnxNtj0lF7fn_duOb2HuYvyflNT1k3XukuKoWGa9gpVBqP0HKkYf2bN-zHzIJ7ZqoDZFHEk5lby-NWZLuf1bKx_3_cHfviJVVgcQCBjR-TMc2f456lOXVT8nzu0reJcYbpQf7KE6zYbKc5GSqd0IuajWjnUQP76uFOsr78_ha7DuZVbQYBBdf5XDHBOFzGFx_Y1hHL-zNn9qL-8ax96n1LUm-eAQ9c5HH46fg6L3sD4Y5ZvnMaYGeMez8XLoKl9412se5LR7w3N6fmTLu-rmxRkeXFxoo7DZ9wVNw4_8iJGvatZvIQkXoEGVixBpRiLeuQXzpmVYTH2EEW-wrkudNO1jEqehyxt1x0nKoMz8mF8XJQ73ILSQaG-M9I2Q0Q0GwK_PdRJkGHhcU5kOy6P5fXNiPnZY1cD1jyQCJjlU7yQl9XVizGj782LsRM_gBbvdm09kZkL8r7NnB7T637iQRWPsV0mEc_ziZAwXxYQQnCxSgelCRnn-HE2L3LnEIacKsfAiz7EDdQuW-41pSCkjrs0ekB1NMWcQ62bZ7C7ey5QSccY1ZOV-nsqOvbk8BcnVrD1sBcZJP8W64yOmW9J57_PPkIRiEK0Q6PddThHZNWWhfrQL2DDR8zVkhO9c3qbPAj3zJijfKt1-QLwE3WEf7xB4m_yUCzPlA_Th0shLC4SM-5AHWhvCAWi1wVLHzrKvA6
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C72F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220119&jk=3269941735281418&bg=!IiGlIWXNAAZ_DxPPfw87ACkAdvg8WmMUWHVZlLx06zzRwXGFfFqBalhNHNzwRC2G7KsSuWlWFgV57AIAAAFpUgAAAAJoAQcKAK4rp9QbsfppnG2r2EvqlySKfpSGj-Ha73Wf9FK1xTh46Z-SwFgrcBpF5MYpe6786m5qYc-HFW_-BXoLLwLy1b4C4gwIOAFTCy24BkGEBR2qeMdX7PMmcxKycOBjsyr9tOxzSFARQhyQP6z-SZDUOMxIidieflHKyKO6rQZt9qefUmGV_u6dvYvjG_3RdsvcP_gi6VbFF_kdonDOqDgJVkwQWNICY65ZLot_9wx00rmZAse1X291W31qKZPh1xDdZD8cLZwcO5hYLbYJwy5hIUWbixgw8OT_t3hsdvQueGXzkHLx_8wYFA0ycZTV7qCx8dzA8qx6vHKDMq2AZ4MukXLepoZmZXHs0b4C9u1XS23NoMw1lsQoycFwOcYaWRTnth1hbseSImDP6P6sA-16hI0AbkrwjOeRVE_i_NvHeUn2V3Fq1j7cip1fzyYkIDytDqRzOgSA_ksyiVybIafBANphapps3TJyQbHVy6Ht8b-t20s1A8t4i785lIjF5sIHfZoOi4gR_7cjscUiLY5cBwR0ieVOnNz_ioVCA0zDVFgNhEgs386wmDRAJQ1jXNKcT26dqgUA03556hMSpUAsDmYTq1VFoQ5ZddSgDCOj92LMUE3Jg8n1erINuoteRGTRyLDN8eDfYET1TMGUkkOqUFDv1SqIwawQ490JbiGJafbLIa6Y_yQ4GZ_T7d4omoIHw54Uj7-eX2aw1oMrXyUb8TaAnhKlehRQGYidl6dc_rHqLG6J7IYpdL78P1cZlqvO48RMasfDomj8NCdsSlCkLKXuZ5l8VmfZyA05eo9BvS2vi4kh-TD5NupuKMtCwC8TeiymnmTQfE6eMojAdwhuLOsRdqs5uP_vgmNW48To36fBGQfrqtcp6iwcsuUXfOW7_RUqMKAD5zKC6Zo57uvT8MuoaUIzYOtH9_lVQflxkxGnRl_4aPCvQjbAU-MYVx8c1A8Mvxxpa1xXop9ZRuayPelm4tmMduIpegakYAXyAtP5qLwdWeuXGgCIKjRHzDR8WwHY0SnD44ZU87B3phNUNw_149eyPmGZDTm_lnG6vz87k9EBbYUNKsE41udesDp_rncbON3f1Iz734iB9Um6Fmjx5RBGAWauelSzljA5C-izPWS8Qdl_R0iloJx2ce9PuDmvLPiw6EEtirRAEDI6M5S5RKacNDzpSaY
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6C6 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220119&jk=3142645142452341&bg=!tbaltvLNAAZ_DxPPfw87ACkAdvg8WkOz2r3EDISvW0fsxM2CXVdsVZ_yRY0PQP1f2LmXSKejcc2cwgIAAAFcUgAAAAJoAQeZAt02roYEGsHJCj8hYRsoLh8f6Xa26zOlSMDHSaEHkrmBro0JdxSp_hi7Ki-EtT18htUgz4xKtONELa_gSncMI3f2rhVHGP50a0wye__nzkQaoBPZCYZLRW76G_3fRUMWpZGSURzIvzLZoS12G5scg6fmukqi2z_uO_8eDiZkJM107_0Rv7P6TnRJoN9Cbp45zFtQLtejXt9KwqQq9oQqggwH-vqJp0EbxHHdHaTpyAzK1rpBignJhpKiCoLwBnF9Uf75u-awodMB5CMPqHpOZ7hYAimfMoiIpk324iUv_Rs49Mo15fC1WRtEhQ1lwGvK4qMSNaDDyurbsmxF3bb8jll1pHGEVWNf0QF4Iks58u0dZ78TrVqBXPqu2FKwRlCS_SPXuLai2Kh1Cim10yYp-Gb048mZBOT6cZmUEHOwhPTzSlDbTf98daOII1k8Ract7KU3j5gOZbRivcv3iRv-Jjvwb1Sbidavqba1e5CzXm_16QUVvouwnQxAA8KVYOFsoZtbz-FhjH06stEdpR97Jon9E20S2wfonuGCSaao8geg_cyETB55Kt4FoE57vQ2b-mhiraqjzXa9nl_xldQzYWAvDMngwHr9oHx5Ux040LmqIGMgq3bkb8mWDdbbPoROrUJk3XQNHCrLG2YU2N_8kBl9-T1XEg8rF1vk6CqjnWX7U0x8-v5tpcKHgI2VKDRr_d4WKFzXOGW_zelz9JAwsPTX3RFnWTcec362LjV8CO4GPTXlj_21EChpp75MWQGtDQf0OS4aZR-n-B3ibc_ziRpEc5Yo6i064EG9gkQGDEF0otupu5QpSorGCZVMJm1grMTvvpXsGTxDOMGcdtz18Q8pTG6dNVtRwfBdU-nxnCNELOWaw4m2CYWaBaZDfnw_YOj8ThTgCtJujqsi4KY8w3sdDqmcmmfYX5cqheJXeOqdHx-d3TlWhPEr43kG9jeStP5jLj_L6AYeBEipzmAy
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A00 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220119&jk=4022265781398971&bg=!FhWlFVHNAAZ_DxPPfw87ACkAdvg8WkoPZvKp0luWyZt1-LjhrOekumopumRLHSO3EHwk6O7VcLrp9gIAAAFQUgAAAAJoAQcKAC4mD15bfqddocj4jafd9Fasfw5ea8x2b2jmqW0f2OpyesAnHyPxWXGGd82uO3nMmQK_vLDy5RXP8OMaiQWc_VH0r0yFDxhq0CXw4fArn2LuVM7G4jyNdribJAwC5DtZUDmqXsRI4vN1jLtoK2qBlct_jtooK7bzvBSB7Y-chQ5iJAXfwwKu_d5I9CrPpSEpT0gWyzH9XaGf1pBbMXo8FmGIObU650BHzDIw8IRiGY0Asx8Ec_tBaSATm7kk41tV1nYLCy7qMt0ITqX8YZZsLb58KfCdr43I257I0XRYBykateren4SmDeiuVLG-fz1zkhYuYIff3T2tN02RfmkPb9bTB9yQBwMOHq6sm0lEO5SyoaIRegcIf_tXm5CX9TSopp8Pq_UzCESUpcaRF505BNTeQFuuMXPPwSZHmYQ4KQQ4GpNokP-w_k2UL1eKD4_EvExrmFeyckYD2dXhDYxKVbUOgAK4fzPAgXrm2eAj3wKYoZCw9HOYBeLAll91qFYA5z-H9zX8pdZ_Pirqw9Q4ZM6cD61VwkMxriRd1LlzKrVSHVDmu9XjSu8wLAD03B-uiQgL5Yx4ZahEQWYyUxfBBOrPrk076mdSMGfws7sGIkbyHucaOCWlxWLxyvtP1RCO4K8AbP-k0etmSdHkHde5MoWMJYDYi6lNewh6yH043wpTyZMQcEm5JEEHcj9yJrspg99KOkf60HPNJS-ROgqFNo_B9pMk0nvI_ydDQ8yopJDTZhdwfb6EcXCc_Ti0h8lMppFHN2ZE0ZEUTod-Dr62puIwBDVwXDlz4cuHs8tf6xAsKop0ML8QbGmR_jv1QiTKrdX4rnmfUK1ODbLVsS7atevlpmAzzrTJYs63v4OD-4sFo-JioeflONC5f8rRLuiPlcxwTGWTqbG9lMnM7R36Bvwzx967o_0gnLORCbpKw46BzxPKRCD7_wKjnb8-ODZNhY2W9zE0LTDEr8sXxvBe5v-00MVJNUYQtBIw24bRFZj3xA
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBCC 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011410&jk=2791918878648380&bg=!QEOlQwfNAAZ_DxPPfw87ACkAdvg8Wsx3IQy6YkqHGaEcvjlYul0bCtCA6W6Tbhll4hVWjuzI0rhRCgIAAAFCUgAAAANoAQcKADtfFPH1nhTBiY3WSzAOrTtE9Ip1ymhyZlbdnAmbl8uxCHJRAyUeobMfW8H8g4zFHNzd9xvSHob3uoDwG5kC2BFGDm0_NoCGaqic6Xmr82Dunw8au516ZVbXRYAZrZr6rx8mOfzqJ9doiD0qo6d4JHDT4aCW3hdIbNTEdJ58M1E-KqpBGHlKiAIDHwNiVdz9r-xte48hm42DOq4poDpXsY4hRgLWrLx9uRiQ59g3Ucezqlz9YoToeSemIO-SdtUYR-_eeZQ-uAsu4Fnnmdsto_R7Mn35TRvewjKlFgSIfyIA9P2gumVkZIBoUE6Pl9nU5OhAASoshhdmdQNIdg0m9HaeK4CzZLDUOCSroSenDFi6KNmDnZrUmTVh-WiZ5rk4V9OWYQhn4tBraxeSrd7mYtEB80EucIeB0LROVJQ17lMWQTjXmx5YerGOgVXsoIixh4yCRyfa0eYLy8aTVlznq04eVHEQM3L1n4yF9_jGKKrOMJF80na4ZTy_dFe161yQDCpZrWaklKNLvbL468El6aXTGyaNSx0WwbkpYeLYT8XQ0b_ljdcibN0ZkT8BFw6zU8SDNa1aYbRNF09XIvh-D6aWwEiAkYnOaugyhfzvYK_3ccZXY27Y-oV8WFbOpyFjg6Z1TVJBnIBJh-8q4OHlWRz5DzstIlgNjyzQLBzPMWP2Ir8uyCgVr3eY4bfSU0QTouMM_gqvQjQOYP26jETF4Trxc1B9dsZQwOL0s0SjgK_wR_WRSrTe8a3tEEpxuZjWNu2D0YdWN_gbSlAYFaQtv_xDDSwfpjJximZZLyDLXYabPfMhuw2VzkGCBDxYWlaynsbH3fLl0QtOfpEhOYlzj0Kk3jbz5LDXrk1AfJI6K3vz96c1lJDlpZa7xR0Ov6dssUqPLLpO3t0grNrVHw2ICqSudU681RATrU8tvt3oIoLBeDHcIoLeIh5hsY6dJFUGwLByKGZo17L1QxSEPGY55yVZtVYNZHOWwGrsZDVq7CPmL6QQgZwsQiJjykhgl2SuuEBLk8cLnAtr2FMPeT6ZSuvW3wsZ5ckN
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8B6A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 873F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBGsMOVWfzW1jutiVRdYMMpMxAxxKP7MZKFATecQ-nnonlQ-QAGuTJUVXPJUj3GVFhJaLeiJHR1gALzP7-Wj128f4D6a0VJWA4PH7I0VbzQ7wyIIAMnCVTfJADVTmfo_HRfSLBlf95IzRsAkL8vgZott-wvOwW8FMhsUvGIrx4T6IyfMDXryyYohF3kZYlVHc8fyI4LJbT96_B0uW2Ae_IvJbK3TaN_raJLg-X_Rvy1Ql3M6OZ6IhxKYDBOahlEBEuBksLYn0z49-g58ildpQkdtG0dOUXeUJkpMdMu6octGWGrUdjtiqaIIDaAW5WjMTIPkn_c1J8fLcvBmJfu-R103BmMfMhL2WXUJLuaZcpXV2XbxKhurvmDFBdPKeHTHv6bV-lquWtnWZ9PurOUivF5BhWwLUu9eD56SMpN-WDbvkvT15UbYL9FGowM8fbiMwHOSwvjFjO-60m-zyvkiFZyKMoJsI5trpodP4hk9kIo1GhDSI0ANwIQE-te3z-fR2sQgET926aVhjSU4DAJGFvvdJsIJ2VkGxJ8f5ku5kOfiERqCnOXCuFtQHsKaWfx96Zp1P77k0ev30aRNYa9RgpW6vMOH3HV2V4OmhLMmCUZ1oidK5Nte-MdblsuiN1UvxsGudcWsZtlZzYyLfCGCNadyV8DFI2pnRethkJHCiS-EDSEqQmQ6_XMExlX5HdylATp6W8QQ4vicb3ZZcehITZ9QDtjQhYyyyHDCa5XEMZZqNx8-STLk-a6KOh-vHYL-TGy8yTZ1ZkM0tlSpXCjvxyMI-Azxr7wFEbJCU3o-63SCoBuil7NCQYVipJQRfBaOjtTsjv1FDiqi-MIFSO3FQh_vHDMgqBT_GpusuPqbREL6aueiww0kgm14g-3xmA6y6kSDgASREnTlUxw9ieuJGFIXGDuf-OwHDEvWPYcZIhPDpRTL2aV4ZC341dvXl27ej-QWqEPn4zL2GA3cJY_1B2MWKWQh6h2yltVlirxn9d24DoWEkk_sUGRBtUlhcydE23_cCpSgA4T1T0UMGSfl1fUnkQoilZF54bVW9Ab31OF-a-HFWcDwHmQBphJclXDOgbRVgVuXubi29KxmiCUZZoShOb_q18es-yePiQSbw5WdabybkbdmDLnY132zmotqTnY9YbXhiN0e3kx7cK3wo61YFXrDkMDr_Mo2ofAJqKuHJnmy2pHUancyrrFJBQ3oj54NzlwTw7AKuPXDtlxsDM_E7LNea1xpz-MhZe&sai=AMfl-YQG36eSuNV6lQg1TGRR87NrJTWZN4J_TtOUljuHpboy-pM3X_UAq2X4cVaVYf69-VieoZ9psJIdNLcfJukDNMssjQEO3Ha3CL95l9e4di4-aNXy1si51jaeSEgD17g4NQh7TXB7ueOoAd-10jjBZS3ZrczQig&sig=Cg0ArKJSzHruuC0A3l0kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2613&vt=11&dtpt=2375&dett=3&cstd=233&cisv=r20220119.47435&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B5E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jan 2022 18:47:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 064F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOJUXJrYhrRSVMkZLihwojyuf79NsReuC-nvom6lMuQEnosZIjJggdjyo97y5oA4DdIye-me2D_A9kAzJtP9qR9di1yVf6AU8MukMVQGbOWzPvOSNezHdq7hEGgSZeqTh3QIVKwhMF8WBl6ElXsF0xYc--FS_hnT-EgzlVAU3GdAnulDavfZ-S1nCBfSQZunao4Mhu8S5iB11hA4RQK6HwI0XcQQdszfrwwzDW3XLN849dZqrRKLJtqk8egGWB7Twu8J_tHfge6kgf0zaDqT1BCHWt_EBmQnGuPTzno15MO81cVZMforidZgbDOKfUT26XDhQlAf1Ecah-Tj5fynTOasylicA5aycTw1fUtFtNU8jl465BcKC7v4Nmo_6CnBwHc71Lpg0O8qUnF45vxpTv31N65sMIsYkuV09IHwIiEFJC4SlgHZy0HezRasEeEOxzErhYrWWXoF5ILgfvop3Eo_BdMnQTD4vaZLrlyftPTEiQAJ2y3MZD3Mv8cn0UmNKSvRi0yuUhqJrld6x93T1EYjDBm1kVdHlmrYjazbeNy3DcsJw7gaWrcS6qjQIJvLGd8ETQKeG7Z6iEgTGJVbXi8MYUtVEF78-c0e3lh1MAkiIPIWmnKLIF3UlL1DGG_tOB8JbyQCa6H-T6JYqaQg5r8ewDeFgcezMXU6u7722UFD6BG1Z2XFtMyVfJSRsYVP8IizD5WcNVoOY4XROatsxEQYoQXHTQPd4L6Vc6Y68e4kyYT2IN0HSBJckKx1ami_wOqSdv_Pg5hiBS3kSGk_xSJt6zRhK0ViCKjGOjmB1_RQh8ZUfVXeIYA2s8v6jysacHNMw6YJminmfDOiLWtZexgHO8LEmq22L2bu0Re9_aOPRYLtqOIrDoSCpkyvKgQk-WlUsxb_6mP0Z085v5uTES36dXRIerGST_7UWY9BTf3M8iXA5-fyXPKrsMKlnjbXJ3S1802zZd-xbKJty7BUVB1VBuzdKXMiOn_XswRBGcjxnihIOAaU_GEolgtOsJTb-xcpUsrmEMwrzdGNsFBznHp84MBsp1_WNib2V4VfK9I17cy2r3K_pql42qjLy1Jef9-9RNaHkiTii9SbVLjy1vp-x1WR1lZmAt04laAuFHMy_l4aLiIKkdEBpgFWsj3c2NCVAKMRdKkSqXmFM3WeSQRsyaOzpDcmmfHTkOjRgpZ6azSptHzyR2jf_EMkCvOK-FbTotdgk0fPQKjtBfIFj4kbgW96OEnuXR&sai=AMfl-YTmA6KdphkhRaJip1rq5OP23JYR6cem2huTbUH9NftE3zE7rsnPDE32ApZvOv0Vziw2SsVx5ordSoC6JUPPmQCq9pVx4VWrcbGwTli1qctBjKSukvNR0KzAOPG17vg9uR8TFLLY0o4foeR78wXGA6s20-QnQw&sig=Cg0ArKJSzHmglayvnbRgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2606&vt=11&dtpt=2377&dett=3&cstd=226&cisv=r20220119.83849&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8B6A 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:45:24 GMT
x-content-type-options
nosniff
age
137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 19:00:24 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 8B6A 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:33:52 GMT
x-content-type-options
nosniff
age
829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 18:48:52 GMT
60005582_20211209064816761_BG_Look02_300x250.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8B6A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211209064816761_BG_Look02_300x250.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d73812c5e6468371142d84ccf448c411fb54c6d58e791b850596143f7ca08c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 07:00:30 GMT
x-content-type-options
nosniff
age
42431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25006
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 14:48:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 07:00:30 GMT
60005582_20211209064751035_BG_Look01_300x250.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 8B6A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211209064751035_BG_Look01_300x250.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d73812c5e6468371142d84ccf448c411fb54c6d58e791b850596143f7ca08c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 07:00:30 GMT
x-content-type-options
nosniff
age
42431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25006
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 14:47:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 07:00:30 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4B5E 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:45:24 GMT
x-content-type-options
nosniff
age
137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 19:00:24 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4B5E 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:33:52 GMT
x-content-type-options
nosniff
age
829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 18:48:52 GMT
60005582_20211209064831537_BG_Look02_728x090.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4B5E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211209064831537_BG_Look02_728x090.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daedc1f714eb1ee23ef916c5fc881f1acbf1cd85b053bc6751aab55f5059334e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 09:08:12 GMT
x-content-type-options
nosniff
age
34769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14893
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 14:48:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 09:08:12 GMT
60005582_20211209064805419_BG_Look01_728x090.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4B5E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211209064805419_BG_Look01_728x090.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0ba30b19b1d4bdca5c216a69596700dae44b9674a447f6ffe788bea57db9405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12685700891219591168/728x90.html?e=69&leftOffset=0&topOffset=0&c=4ve390OZcJ&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 07:01:46 GMT
x-content-type-options
nosniff
age
42355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15259
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 14:48:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jan 2022 07:01:46 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 8B6A 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5355067994831585280/300x250.html?e=69&leftOffset=0&topOffset=0&c=TasZz345rm&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:45:02 GMT
x-content-type-options
nosniff
age
159
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Jan 2022 19:00:02 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 983A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
pagead2.googlesyndication.com/bg/ Frame 7425 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i8bj7ClzAoAUPYLrGgyCP56U_VUeYw5vpVcJR_BKyl0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 11:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
24906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Jan 2023 11:52:35 GMT
user
ads3.admatic.com.tr/ Frame 4559
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=ZPSpWjdEDS0mqTPzefuWYNQn&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:41 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:41 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 4559
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bebc4781-1764-470c-af9a-81651deb1ec0&ssp=admatic&expires=30&user_group=5&bsw_param=4557f183-3838-48df-bbf2-f73b9b10a9b1
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:42 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:42 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY0MmA1MDA1NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA2OTtkJaN0YT0jJat9NmAjJax9NDp2JaZcZF9jYXNmRG9gYWyhPWRunWk5qz9cY2UhY29gJaN1YxyxPWRunWk5qz9cY2UhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw04NC4kOS4kNmUhMTt0JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx3LwAhNDY5Mv43MSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFyZWY0NDY4MGQkOCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODAjJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDMjNTAjNwI3OTxzqWyxPVNyn2yhZG9TUGkurWVlNwFyZWY0NDY5M2EmMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1jpzVvnWQ=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTY0MmA1MDA1NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA2OTtkJaN0YT0jJat9NmAjJax9NDp2JaZcZF9jYXNmRG9gYWyhPWRunWk5qz9cY2UhY29gJaN1YxyxPWRunWk5qz9cY2UhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw04NC4kOS4kNmUhMTt0JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx3LwAhNDY5Mv43MSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFyZWY0NDY4MGQkOCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODAjJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDMjNTAjNwMjMmpzqWyxPVNyn2yhZG9TUGkurWVlNwFyZWY0NDY5M2EmMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrXZinWNyLzNioSUlRz5yql15o3JeJTJGYzVxZz9lZCUlRz5yq3MyMxZgZXJlnWkfLWk5ozNbLWZcpzVmLWZunXJznWVfZC1wo3VhqHxgoWFhLWNbYXJaZWQgYWZ0ZXIgp21io3RbnWUgp2uipC10nXJuZGUgpzVjo3J0LXNurXMyMxY4MwQ1MTYyMxYzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1jpzVvnWQ=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:42 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
/
track.adform.net/serving/unload/ Frame 0990 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6472559499329098849@@52612369,4102925320094096220,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|rq4Eo2JvsFfxBx_RTJEBJyxKr3--Sru-YxRCtdppIG4BylnmhwreJYm3nyX34Xgm0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90009.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90009.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dailyvoice.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 24 Jan 2022 18:47:45 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://dailyvoice.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 20A3 		173 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.173.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-173-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c88e2aa47b30bbfffe75bc24816cd4204dd816d57774c4d7b24c7e2766ba8d1c

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame 20A3 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 24 Jan 2022 18:47:45 GMT
X-SpotX-Timing-Transform
0.000628
X-SpotX-Timing-SpotMarket
0.006910
X-SpotX-Timing-Page-Mux
0.000399
X-SpotX-Timing-Page-Require
0.000516
X-fe
061
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
X-SpotX-Timing-Page
0.191163
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000707
Last-Modified
Mon, 24 Jan 2022 18:47:45 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006910
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://dailyvoice.com
X-SpotX-Timing-Page-Misc
0.181958
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 20A3 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1643050065062&pKey=713451197&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fdailyvoice.com%2F&playerSize=400x225&schain=1.0%2C1!freestar.com%2C864%2C1%2C7b8454f1-e235-4b9d-81e5-3e84b4cbcd61%2C%2C!primis.tech%2C27975%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 24 Jan 2022 18:47:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://dailyvoice.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1643050064979067-353
Expires
Mon, 24 Jan 2022 18:47:45 GMT
v1
prg.smartadserver.com/prebid/ Frame 20A3 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:44 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame 20A3 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyvoice.com
date
Mon, 24 Jan 2022 18:47:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
primis-d.openx.net/v/1.0/ Frame 20A3 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c18affa5-1d65-4c04-a125-dea22fcd4db8&nocache=1643050065064&gdpr_consent=&gdpr=1&schain=1.0%2C1!freestar.com%2C864%2C1%2C7b8454f1-e235-4b9d-81e5-3e84b4cbcd61%2C%2C!primis.tech%2C27975%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=400&vht=225&aucs=adUnit_12&aumfs=2600
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:45 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://dailyvoice.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 20A3 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2240c140870cbe715%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241ca028d34b7b25%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22dfp_ad_unit_code%22%3A%22%2F106981%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A2.6%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22864%22%2C%22hp%22%3A1%2C%22rid%22%3A%227b8454f1-e235-4b9d-81e5-3e84b4cbcd61%22%7D%2C%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2227975%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
da1ffe514f13fe03ed9b555555034726da5e7a6500ae9b6937f8dc1c918d5f12

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:45 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.184], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://dailyvoice.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 24 Jan 2022 18:47:45 GMT
openrtb
adx.adform.net/adx/ Frame 20A3 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_8.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:45 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://dailyvoice.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/21151f2e-6fc8-4e5d-881a-18a0f86778a8/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:45 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyvoice.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 24 Jan 2022 18:47:45 GMT
content-length
0
vary
Origin
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 56DA 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 23 Jan 2022 22:48:42 GMT
expires
Mon, 23 Jan 2023 22:48:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
71943
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F736 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 24 Jan 2022 19:08:15 GMT
integrator.js
adservice.google.com/adsid/ Frame 20A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyvoice.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 56DA 		156 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F15184186%2Ffreestar_primis_adx_video_preroll_desktop&description_url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&env=vp&correlator=369051773069141&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dspeczp&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=928884576&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=C2BBBEFA-29F2-4D2E-B41B-E6A59EB176E7&nel=1&url=https%3A%2F%2Fdailyvoice.com%2Fnew-york%2Fbedford%2Fnews%2Fmerrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says%2F824516%2F&dt=1643050065421&cookie=ID%3D67a016e634d44819%3AT%3D1643050054%3AS%3DALNI_MYUjAFxaJ7tcRc-VAG1C7JvZZ_IGw&scor=606499826292599&ged=ve4_td10_tt6_pd10_la10000_er758.-1810.911.-1510_vi0.0.1200.1600_vp0_ts5_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTE2JaNypaZypyRcoWU9MTY0MmA1MDA1NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MCZmqGE9MTYlNmMkODQzrD00MDAzrT0lMwUzqzyxX3Bup3NEo21unW49ZGFcoHy2o2ywZS5wo20zp3VvSWQ9ZGFcoHy2o2ywZS5wo20zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZ1p2VlSXBBZGRlPTt0LwE5LwE3NS4kODQzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTphMC40NwxlLwpkJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MWVyZwQ0NwtjZDE4JzNioaRyoaRGnWkySWQ9MwA0ODt1NvZgZWRcYVBfYXyMnXN0SWQ9MTA0NDEzoWVxnWFMnXN0SWQ9NwImMvZwo250ZW50TWF0Y2uUrXByPSZcp0V4Y2k1ZGVGpz9gT3B0PTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0MmA1MDA2NTY3MSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWVyZwQ0NwxmYTMkJaB1YyVloD1bqHRjplUmQSUlRvUlRzRunWk5qz9cY2UhY29gJTJGozV3LXyipzfyMxZvZWRzo3JxJTJGozV3plUlRz1ypaJcoGjgoHyhY2tgZzylZXMgZzFcpzZcZWkxLWNiqW50rS1gYW4gY2uupzqyZC1uZaRypv1moW9iqGucZS1mnG9jLXRcpzFxZS1lZXBipaQgp2F5plUlRwtlNDUkNvUlRvZzoG9uqFN0YXR1pm10paVyJzVcZHNjPXBlZWJcZA==
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.56.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dailyvoice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 18:47:45 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
user
ads3.admatic.com.tr/ Frame 4559
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:46 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:46 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
img
sync.mathtag.com/misc/ Frame 2B06 		43 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: 0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
URL: https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:47 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:46 GMT
user
ads3.admatic.com.tr/ Frame 4559
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6472559499329098849&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
Requested by
Host: dailyvoice.com
URL: https://dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516/
Protocol
H2
Server
188.132.147.236 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-236-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 18:47:47 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 18:47:47 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=4557f183-3838-48df-bbf2-f73b9b10a9b1&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
img
sync.mathtag.com/misc/ Frame 2FBA 		43 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=d94061ee-f447-4000-9c05-557f1997fead&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=d94061ee-f447-4000-9c05-557f1997fead&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 18:47:47 GMT
Server
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 24 Jan 2022 18:47:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 boolean| FBSDKLoaded object| sites_by_coords number| freestar_share_of_ads string| bucket_storage_key string| current_bucket string| search number| rand_num string| ad_refresh_system object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| freestar string| GoogleAnalyticsObject function| ga object| dataLayer function| fbq function| _fbq object| dv_data function| require object| addthis_share object| addthis_config object| _comscore object| _qevents function| kwa object| se object| fs object| atsScript object| grumi object| googletag object| pbjs function| jQuery function| mobileAndTabletcheck function| load_fb_sdk function| parse_params function| Waypoint object| cmp object| ccpaConfiguration object| node function| __ccpa function| __uspapi object| LI object| __li__evt_bus function| WatchPreference function| SetPreference function| SetStyle function| Preference function| ShareURL function| CreateNotificationPopup function| DisableNotificationSlider function| EnableNotificationSlider function| IsArticleDetailPage boolean| isMobile object| blacklist string| waypointContextKey object| user_location object| google_tag_manager function| udm_ object| ns_p object| COMSCORE object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ats object| ggeac object| google_js_reporting_queue function| pbjsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid function| _typeof2 function| __liSync object| liQ function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| wpJsonpLiverampCcpaCmp function| setImmediate function| clearImmediate object| core object| GlobalSnowplowNamespace function| snowplowKW function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus undefined| google_measure_js_timing object| google_reactive_ads_global_state object| fsdata object| fsprebid object| Snowplow object| __connect object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement boolean| __@@##MUH function| load_script function| Tapad function| fsprebidChunk object| apstag object| audSegDataResp string| kruxScriptId string| kruxIdScriptId string| kruxDataId string| kruxWhitelistSegments object| kruxScript function| checkMatchingSegments function| generateUUID function| getUserId function| getPageId function| getPageLog function| calculateDocumentType function| calculateReferer function| clientWindowHeight function| clientWindowWidth function| getBrowserSize function| firePageLog function| fireDataCall function| Krux function| ic_krux_getuserid string| IC_FS_PAGE_ID string| IC_FS_PAGE_REFERER boolean| apstagLOADED object| ampInaboxIframes object| ampInaboxPendingMessages boolean| creativeVendorLibraryLoaded object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent652 object| PublisherCommonId object| ID5 boolean| sekindoFlowingPlayerOn object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked string| sovrn_beacon_tid object| LJT_Ads object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| freewheelssp_cache object| closure_lm_758416

205 Cookies

Domain/Path Name / Value
dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516 Name: ntvSession
Value: {"id":866167,"placementID":1108768,"lastInteraction":1643050054431,"sessionStart":1643050054431,"sessionEndDate":1643068800000,"experiment":""}
dailyvoice.com/new-york/bedford/news/merrill-lynch-fires-fairfield-county-man-charged-after-smoothie-shop-tirade-report-says/824516 Name: _liChk
Value: 0.715125886397606
i.liadm.com/s Name: _li_ss
Value: MgUIBhC2ETIFCAoQthEyBQh-ELURMgYIiwEQthEyBQgLELYRMgUIDBC2ETIFCHkQtREyCQj_____BxC2EQ
dailyvoice.com/ Name: fsbotchecked
Value: true
.dailyvoice.com/ Name: _ga
Value: GA1.2.1472240163.1643050054
.dailyvoice.com/ Name: _gid
Value: GA1.2.1402017682.1643050054
.dailyvoice.com/ Name: _gat
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1B43206649f7f6f0536f8e51643050053
.dailyvoice.com/ Name: _li_dcdm_c
Value: .dailyvoice.com
.dailyvoice.com/ Name: _lc2_fpi
Value: 6feb88ade73d--01ft6pmc6ptxbhhm71c0xvg3q7
dailyvoice.com/ Name: _lr_geo_location
Value: DE
.dailyvoice.com/ Name: kw.session_ts
Value: 1643050053888
.dailyvoice.com/ Name: kw.pv_session
Value: 1
dailyvoice.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.dailyvoice.com/ Name: _sp_ses.8074
Value: *
.dailyvoice.com/ Name: _sp_id.8074
Value: 7cd438b5-080e-4863-9374-dc039856698a.1643050054.1.1643050054.1643050054.639f00ae-8af9-4ce0-ade9-b145fe351428
dailyvoice.com/ Name: geo-location
Value: {"country":"DE","region":""}
dailyvoice.com/ Name: usprivacy
Value: 1---
dailyvoice.com/ Name: ntv_as_us_privacy
Value: 1---
.rubiconproject.com/ Name: rsid
Value: 1|BtChNFAAr+7XdnWQ2t0CNhncoYRhePLF0nQ3IpbyMw0bpo2XNG6PTqqHZbuL5+nLKRys2mn9YQuneRSLAnarFwv0pGxR1x1SrC96OoGPFnIhzD/9S89fU6s=
.quantserve.com/ Name: mc
Value: 61eef446-1d39f-d04a3-6a929
.dailyvoice.com/ Name: _fbp
Value: fb.1.1643050054145.479505056
.dailyvoice.com/ Name: __qca
Value: P0-524623825-1643050054059
dailyvoice.com/ Name: _fssid
Value: b9c43812-e1d8-460b-b9a7-ccda4e87cd38
dailyvoice.com/ Name: serving_shown
Value: 1
.liadm.com/ Name: lidid
Value: 6745e7ae-17ae-41c9-b8a5-b29aca78b996
.rubiconproject.com/ Name: khaos
Value: KYT1KVKK-6-FUJ0
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1fJGWA1/Yuc+bASkO6QPb7E03ikE5KqM2Ac5uHgCNHvif+hLMfQkPWt8aZ3xOlAZEiPnBiMlBpvzH4Wm0It/pKXS5yM++9uWA=
.postrelease.com/ Name: opt_out
Value: 1
.investingchannel.com/ Name: ic_uid
Value: 285e03cb-6100-4e4f-b9a8-912be2fa796a
dailyvoice.com/ Name: ccpa-dau
Value: true
.spotxchange.com/ Name: audience
Value: 182e719c-7d46-11ec-8199-1f0541440406
.3lift.com/ Name: tluid
Value: 794714265208637407289
.adnxs.com/ Name: uuid2
Value: 8766712360259569763
.casalemedia.com/ Name: CMID
Value: Ye70RiWLROK0s22WR3QvzgAA
.casalemedia.com/ Name: CMPS
Value: 3195
.krxd.net/ Name: _kuid_
Value: OnwtAraO
.casalemedia.com/ Name: CMPRO
Value: 1108
.doubleclick.net/ Name: IDE
Value: AHWqTUne7rNS9UqZho9MZQq7IdukeOM8A_yCrfL7i77PIXAverHtoIHw7ufVWaC3g-A
.bidswitch.net/ Name: c
Value: 1643050055
.bidswitch.net/ Name: tuuid_lu
Value: 1643050055
ads.us.e-planning.net/ Name: CT
Value: 1
.adsrvr.org/ Name: TDID
Value: 45b3f819-9c1d-422e-b008-efa913aeeeb1
.bidswitch.net/ Name: tuuid
Value: 4557f183-3838-48df-bbf2-f73b9b10a9b1
.creativecdn.com/ Name: u
Value: FRueQIBMNWQuSIDOkLqP
.creativecdn.com/ Name: ts
Value: 1643050055
.e-planning.net/ Name: E
Value: AEE1lNUTvSUIBN-n
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0AE1D294-2B2E-417F-A012-150A310C50E5
.mathtag.com/ Name: uuid
Value: d94061ee-f447-4000-9c05-557f1997fead
.eyeota.net/ Name: SERVERID
Value: 23286~DM
.demdex.net/ Name: demdex
Value: 33954602667591782293093344066085338567
.addthis.com/ Name: na_id
Value: 2022012418473500017905036331
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 61eef4472909227b
.addthis.com/ Name: ouid
Value: 61eef4470001a23269dbd0fc59b846c8ee86a68667e6d126dd4f
.pub.network/ Name: _fsuid
Value: 7fe8b9dc-5fbe-434b-a169-ed4dd045711e
.dpm.demdex.net/ Name: dpm
Value: 33954602667591782293093344066085338567
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjC0NDCxNDA3NxPiM9T1qigzN9ZN8wjMLU0CACx6sqMlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxMjC0NDCxNDA3NxPiM9T1qigzN9ZN8wjMLU2S4jU0MzE2MDUwMDU1NTcCAK8Ext80AAAA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adscale.de/ Name: uu
Value: 8bdee77727124e4e90d642231474edb2
.zeotap.com/ Name: zc
Value: e30e4e09-47d8-479c-5f99-c139f5f2a246
.zeotap.com/ Name: zsc
Value: %B0%27%0A%F2%E6%DD%B6F%FE%D6_Z%12%85d%F9%84%1BJ%96%9C%8C%EA%93%EF%AF%29%8A%87%A8%BFI_l%08E7%92%B3%A3%60%E0d+I%FA%7D%DF%EB%06%3C%2F%60%94%CC%FA%C0N%A0%FB%FCH9%18%9Dw%93JC%DA%C6%7B%82k%7D%B99%BD%E2.%11%E8%AE%FCL%F1s%19%F1s+%3E%02gN%F7%0DD%3FE%15pe%5C6%06%FF%E1%D6%0B%15%B7%C2W%C6%21%C2%81%B6%13%F6%B9I%C3e%89u%87PI%F3Jty%0C%D6%2F%EF%8C%DA%60%B1%1B%CBJF%D2iWg%AC%D1%EF+m%BD~%2BA%B6%84%D9%CD%5EV%B9%01
.servenobid.com/ Name: pid_324
Value: 5134455420190490776
.yahoo.com/ Name: A3
Value: d=AQABBEf07mECEOOVj4JFgQ_enUsjjukHp-sFEgEBAQFF8GH4YQAAAAAA_eMAAA&S=AQAAAqmyHISEp89raT81kV8NDdU
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
.lijit.com/ Name: ljt_reader
Value: c13524b18ed67fd5a6e30906
.servenobid.com/ Name: pid_312
Value: 8766712360259569763
.richaudience.com/ Name: avcid-zeo-uid
Value: e30e4e09-47d8-479c-5f99-c139f5f2a246
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1643050055837
.tapad.com/ Name: TapAd_DID
Value: db80bd73-be08-4d09-94cf-74a8fe877873
.weborama.fr/ Name: AFFICHE_W
Value: P-BiesQ4XmQ-14
.adfarm1.adition.com/ Name: UserID1
Value: 7056846251936512151
.servenobid.com/ Name: pid_337
Value: y-J3AaqpFE2uEh6nnf2lJpRC.ZDU9cVvB9HhvY2Rw-~A
.gumgum.com/ Name: vst
Value: e_65d4e4a6-1537-4086-9445-1adf888808b4
.servenobid.com/ Name: pid_333
Value: Ye70RiWLROK0s22WR3QvzgAABFQAAAIB
.servenobid.com/ Name: pid_310
Value: c13524b18ed67fd5a6e30906
.ctnsnet.com/ Name: cid_c67bc9d2e0464fac9e1708155619e66d
Value: 1
.lijit.com/ Name: ctag
Value:
.smartadserver.com/ Name: pid
Value: 4355392426661488491
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: FRueQIBMNWQuSIDOkLqP
.a-mo.net/ Name: amuid2
Value: 6764a67a-1b7c-42d7-9023-5e262667614a
.theadex.com/ Name: axd
Value: 4283960534999405075
.theadex.com/ Name: tis_BAL
Value: BALeAugv
.console.adtarget.com.tr/ Name: vmuid
Value: 2bc553fa1dd5435a
.console.adtarget.com.tr/ Name: a307565
Value: 8bdee77727124e4e90d642231474edb2
.agkn.com/ Name: ab
Value: 0001%3Ap5suHShlYzpM40cyl7SRG%2BFCDrvXS1Ld
.tidaltv.com/ Name: tidal_ttid
Value: 6fc31644-06f7-43ce-b22e-b922eb2a0b75
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 224ad2c2632e050b
.turn.com/ Name: uid
Value: 7745894741315734165
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 7b5e473e169153a7619e0ce7c3ab424c
.fwmrm.net/ Name: _uid
Value: "e5f57_7056846256211501085"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ye70SAABBy83WABH
.console.adtarget.com.tr/ Name: a314221
Value: B9qXIiyXBDCVwa7te5xbJm3YKiKpOm4e5OukvW7wpbvE4zxjQ3PKvDicZlsHAWAkt_8NPnk2w06rNjJMUJVq6g
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjAwtzK0MAIA0ShuDgkAAAA="
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003%22%7D
dailyvoice.com/ Name: _lr_sampling_rate
Value: 100
.servenobid.com/ Name: pid_317
Value: 4355392426661488491
.servenobid.com/ Name: pid_321
Value: RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003
.openx.net/ Name: i
Value: bb1faf52-5451-44dc-994f-65815ab1a93b|1643050057
.servenobid.com/ Name: pid_309
Value: e_65d4e4a6-1537-4086-9445-1adf888808b4
.console.adtarget.com.tr/ Name: a307442
Value: AEE1lNUTvSUIBN-n
.360yield.com/ Name: tuuid_lu
Value: 1643050057
.360yield.com/ Name: tuuid
Value: 2f1005de-fdf5-4781-b982-43c87eb73eaf
.creative-serving.com/ Name: c
Value: 1643050057
.creative-serving.com/ Name: tuuid_lu
Value: 1643050057
.creative-serving.com/ Name: tuuid
Value: bebc4781-1764-470c-af9a-81651deb1ec0
.sportradarserving.com/ Name: zuuid
Value: ca12eaa9-f273-4fcf-af43-97cc855ad919
.sportradarserving.com/ Name: c
Value: 1643050057
.sportradarserving.com/ Name: zuuid_lu
Value: 1643050057
.bidr.io/ Name: bito
Value: AAJKL07D3ekAAEDLX71mMQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.scoota.co/ Name: tuuid
Value: 9d16bdb3-df4b-4ce5-8ca6-dc19409f1b4d
.scoota.co/ Name: c
Value: 1643050057
.scoota.co/ Name: tuuid_lu
Value: 1643050057
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.zemanta.com/ Name: zuid
Value: VrBUIL_JmK8zKB5nloeY
.outbrain.com/ Name: obuid
Value: 5a488c8d-8563-4b76-b9e5-bd0ede021ae2
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-66753af1-8f9a-4db8-7946-7c657dba76e3.oU3i8lx8kQrjeXRFxNltFzTMtDDBv%2BTNvo6UXXDDOfw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-66753af1-8f9a-4db8-7946-7c657dba76e3%24ip%2484.19.175.184.ACcrorrYEOSqsmLZ%2BtAde90LjMtluqWbe0UM2dFWwLo
.ipredictive.com/ Name: cu
Value: 19c2eb5f-7d46-11ec-aad8-9f94043e2d80|1643050057503
dailyvoice.com/ Name: _lr_retry_request
Value: true
dailyvoice.com/ Name: _lr_env_src_ats
Value: false
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1643050057
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3351a81793c0b5d4
.trafficroots.com/ Name: PARTNER_ID_3379
Value: 7f6b392868
.technoratimedia.com/ Name: tads_uid
Value: GDPR
event.clientgear.com/ Name: mkuuid
Value: mkd8c95bad-6abf-456c-853b-382365fa1b84
.amazon-adsystem.com/ Name: ad-id
Value: A4MP0ycwIEPZk-e6FBu_YYU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mathtag.com/ Name: mt_mop
Value: 9:1643050057
.adform.net/ Name: C
Value: 1
.dailyvoice.com/ Name: __gads
Value: ID=67a016e634d44819:T=1643050054:S=ALNI_MYUjAFxaJ7tcRc-VAG1C7JvZZ_IGw
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 7fbe4ca5-e716-5318-b0bf-0fc2d151fb8b
.betweendigital.com/ Name: ss
Value: 1
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 6d5f484226af83dfdde56afc72d45dddd2d42137481faa4e016eb129cc21a476
.ibillboard.com/ Name: ibbid
Value: BBID-01-03177640579542809-16507512
.smadex.com/ Name: smxtrack
Value: d17886cc-6113-4c61-b707-33b7efbeab99
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.betweendigital.com/ Name: ut
Value: Ye70SgABY3ijg2HnSF46uFpRfsqXAAriC2piPg==
.dailyvoice.com/ Name: __li_idex_cache
Value: {}
dailyvoice.com/ Name: pbjs_li_nonid
Value: %7B%7D
.servenobid.com/ Name: pid_327
Value: 6764a67a-1b7c-42d7-9023-5e262667614a
.adform.net/ Name: uid
Value: 6472559499329098849
.dyntrk.com/ Name: dyn_u
Value: 03030001_61eef44a55c11
.owneriq.net/ Name: p2
Value: cc
.owneriq.net/ Name: si
Value: Q6963364581423386183
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJsYGpgYGphYmy6igXBNzU1NzoljiRvYGQGAAOk32owAAAA
ads.stickyadstv.com/ Name: UID
Value: eff99a1de6427afe5dcea78756b7ff9
.criteo.com/ Name: uid
Value: 4c98bad9-fe45-472f-9533-701b4dae78a3
.adform.net/ Name: TPC
Value: 1643050058607
.smartadserver.com/ Name: csync
Value: 25:d94061ee-f447-4000-9c05-557f1997fead|76:CAESEHnGdYpb5iKkSxjJSiqRqq4|79:4c98bad9-fe45-472f-9533-701b4dae78a3|86:8766712360259569763|92:9KYIKNP7qj5n|116:VrBUIL_JmK8zKB5nloeY|127:AAJKL07D3ekAAEDLX71mMQ|134:OB_OK|135:TAM_OK|137:7f6b392868
.eqads.com/ Name: EQUser
Value: UID=df89f83c-2d3a-438a-bc2f-ab75cafcba0c
beacon.lynx.cognitivlabs.com/ Name: UID
Value: b85e455b-edd0-4a82-836c-b3822ec13f6f
beacon.lynx.cognitivlabs.com/ Name: ss
Value: tFebUAPpWqT3H0Bf7nTDE%2BnNqOhbkke23LQrLS1jCB1xy83jNyWO21ZMiZqK1tqrD95uUhxEFlaLTV1xChQiZg%3D%3D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%wnvMca!]tbPl1M>e)ZlrFUfJ+tGXxoiZ3g`iJ-x`(AiJC'^CAO'Z1:)*Oyx_*bHP</*bpRz*qF1`*b`%q*2^(6
.outbrain.com/ Name: zmnta
Value: VrBUIL_JmK8zKB5nloeY
.quantserve.com/ Name: d
Value: EHkBFgGjJYEK_fsQz7sQ
.audrte.com/ Name: arcki2
Value: f73ZBw6bgXbSXuzOl1phEr2EQ!20210804!1643050058983
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220124
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
ads.stickyadstv.com/ Name: sessionId
Value: 76361cd916506893d939ef5bb438ad6
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-935c60d0-aa29-4a4a-b0a5-7d2ce8e47555-003%22%2C%22nxtrdr%22%3Afalse%7D
.advertising.com/ Name: APID
Value: UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
.rlcdn.com/ Name: rlas3
Value: jKqKvT8T5rySJ6tHga6Mxkr8rJRas5KmZibpti8Bzww=
.rlcdn.com/ Name: pxrc
Value: CMvou48GEgYI6d0qEAA=
.casalemedia.com/ Name: CMST
Value: Ye70R2Hu9EsA
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~22ui:187s~22ui"
.yahoo.com/ Name: APID
Value: UP1ad0b175-7d46-11ec-87f3-021df0b59d2a
.yahoo.com/ Name: APIDTS
Value: 1643050059
.adscale.de/ Name: cct
Value: 1643050059549
.w55c.net/ Name: wfivefivec
Value: IlPSOnrm1Nc4np5
.w55c.net/ Name: matchcasale
Value: 5
.casalemedia.com/ Name: CMRUM3
Value: 2861eef44a2760df89f83c-2d3a-438a-bc2f-ab75cafcba0c&8261eef44ba8c0&7b61eef44b05a0&2e61eef44a05a0&4161eef44b05a0&2961eef44b05a0&1f61eef44a05a00&5861eef44a05a0&6961eef44705a0&5161eef4482760lQ5oacULOTqODmk_mlkgaJMLbD-OCWw1kQZ1jGGk&4961eef44a05a0&3961eef44a27605134455420190490776&2d61eef4492760CAESEHH4R-Qv0vwLuu_BKCfzKOk&c361eef44a2760av-1c9118a5-c7cb-4203-96da-b240346a9c05&ce61eef44705a0&6d61eef4482760c67bc9d2e0464fac9e1708155619e66d&0d61eef44b05a0&6f61eef44b05a0&9861eef44927601b75aba9-08a7-4fe8-b3e4-47f88545190f&0361eef4482760d94061ee-f447-4000-9c05-557f1997fead&dd61eef44a2760&da61eef4472760&2761eef4470b40&e661eef4472760&4061eef44b2760no-consent&0461eef44a05a0&f161eef44705a0&2f61eef44b2760IlPSOnrm1Nc4np5
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1643050059929
.m6r.eu/ Name: id
Value: 5237b11baa219adb71f4761b09da6af6
.ih.adscale.de/ Name: tu
Value: 4#3384227719#48~5237b11baa219adb71f4761b09da6af6~456402~0~0#101~BBID-01-03177640579542809-16507512~456402~0~0#38~CAESEDLy4DIdeT5BYEfKU1lO5ZE~456402~0~0#39~d94061ee-f447-4000-9c05-557f1997fead~456402~0~0#40~4c98bad9-fe45-472f-9533-701b4dae78a3~456402~0~0#42~6472559499329098849~456402~0~0#75~8766712360259569763~456402~0~0#63~Ye70RiWLROK0s22WR3QvzgAA&1108~456402~0~0
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME8yTTUxN041NLM0NDVONDcztEw1SE41TzZOTDIxMklmAILEd1%2B8%2F%2F7%2F%2F58fxIEAALjhD0k%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIfPfFG0hBAQAgHwKP"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: e5f57_7056846256211501085
ads.stickyadstv.com/ Name: MRM_UID
Value: e5f57_7056846256211501085
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEAXMWghxRM_s3R1ek1xzYN8
.adsrvr.org/ Name: TDCPM
Value: CAESEwoEa3J1eBILCKK7j9CA3a86EAUYASABKAIyCwjY2L6yl92vOhAFOAFaCXN0aWNreWFkc2AC
ads.stickyadstv.com/ Name: uid-bp-892
Value: 45b3f819-9c1d-422e-b008-efa913aeeeb1
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-xW.pcK9E2oO1f7WmU3cntx3PQBgvF8hSEBOG4CeY~A
ads.stickyadstv.com/ Name: uid-bp-951
Value: 8766712360259569763
ads.stickyadstv.com/ Name: uid-bp-529
Value: d94061ee-f447-4000-9c05-557f1997fead
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: IlPSOnrm1Nc4np5
ads.stickyadstv.com/ Name: uid-bp-45
Value: Ye70SAABBy83WABH
ads.stickyadstv.com/ Name: uid-bp-617
Value: 6472559499329098849
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAJKL07D3ekAAEDLX71mMQ
.erne.co/ Name: u
Value: ZPSpWjdEDS0mqTPzefuWYNQn

17 Console Messages

Source Level URL
Text
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=794714265208637407289
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/398696.gif?partner_uid=1035705701749506153
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=e30e4e09-47d8-479c-5f99-c139f5f2a246&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e30e4e09-47d8-479c-5f99-c139f5f2a246&reqId=49a2089d-f7c6-42bb-7d76-a444e37bd709&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1434
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
other warning URL: https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_cver=1&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_push=AYg5qPK_K-CtTVtEzODSNmC59RFp0Ns3P5yU-GNcdknULiyufpefjbuXBztIU4L2g-GWEFFT9QmmPqtCW8ioprjWUoDzrW5KBA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_push=AYg5qPL9OzDqT221ZuBtF4ofzoTo1qIAkFIibuXqIMrdLEjjR7ZRYpKQKDGeiVL1NB1lfjOqgTpRMnN2qGQRC5XZgTmD0k2VV1ok&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye70RiWLROK0s22WR3QvzgAABFQAAAIB&google_gid=CAESECSprCJlDpLUZzDMBh_UnBs&google_cver=1&google_push=AYg5qPIUic2euU3gFeYFMTfqnCzy7j7oopYID8EGb7hcr2Vyg9AOjZPInacFK5YolwFC8KG-CnaiIMvFmt6u4W2vbtK_jfhB06fp
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAJKL07D3ekAAEDLX71mMQ&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: blob: https: gap: gap-iab: 'unsafe-inline' 'unsafe-eval'; form-action https:
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0bfa3a58294f1fde7bedf7ca567530d5.safeframe.googlesyndication.com
54ca66065a33f4bdf10b105b1e102c44.safeframe.googlesyndication.com
a.audrte.com
a.pub.network
a.sportradarserving.com
a.teads.tv
aa.agkn.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yahoo.com
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adservice.google.se
adx.adform.net
ajax.googleapis.com
ap.lijit.com
api.btloader.com
api.floors.dev
api.rlcdn.com
ats.rlcdn.com
b-code.liadm.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon-fra2.rubiconproject.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bn01.er.bemail.it
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
cdn.admatic.com.tr
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.keywee.co
cdn.krxd.net
ce.lijit.com
check.analytics.rlcdn.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
cms.quantserve.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
consumer.krxd.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d.pub.network
d.turn.com
daily-voice-res.cloudinary.com
dailyvoice.com
dau-prod.launch.liveramp.com
demand.trafficroots.com
dggaenaawxe8z.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dlx.addthis.com
e5b1ca0460fdc8de5eaacafc33edcf4c.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
f48e19840c19f686d03efee28777f675.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
gslbeacon.lijit.com
gu.dyntrk.com
gw.geoedge.be
hal9000.redintelligence.net
hal90009.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
idx.liadm.com
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
js.adscale.de
js.cookieless-data.com
live.primis.tech
loadeu.exelator.com
maps.googleapis.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pba.aws.lijit.com
pghub.io
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.33across.com
pixel.advertising.com
pixel.everesttech.net
pixel.keywee.co
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.s-onetag.com
prg.smartadserver.com
primis-d.openx.net
ps.eyeota.net
public.servenobid.com
px.owneriq.net
pxdrop.lijit.com
r.scoota.co
res.cloudinary.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.ntv.io
s0.2mdn.net
s1.adform.net
s7.addthis.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tags.mathtag.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
uat5-a.investingchannel.com
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vap1ams1.lijit.com
video.primis.tech
web.hb.ad.cpe.dotomi.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
ads.stickyadstv.com
cm.g.doubleclick.net
hbopenbid.pubmatic.com
sync.adotmob.com
104.102.28.254
104.102.29.148
104.102.30.13
104.111.215.191
104.111.219.144
104.111.233.227
104.111.242.245
104.111.242.53
104.76.200.210
104.89.30.126
104.92.74.8
108.156.255.177
108.157.4.109
124.146.215.50
13.227.219.97
130.211.23.194
138.201.63.149
142.250.184.226
142.250.185.130
142.250.185.166
142.250.185.98
143.204.215.108
143.204.215.113
144.76.104.53
147.75.38.124
151.1.205.165
151.101.130.133
151.101.2.133
151.101.2.49
162.254.186.187
162.55.236.224
169.197.150.7
178.162.133.149
178.250.2.151
18.135.35.213
18.156.0.31
18.156.195.47
18.184.176.155
18.184.249.62
18.193.173.189
18.195.155.181
18.195.244.174
18.196.172.172
18.210.218.247
18.233.233.139
18.234.22.74
18.66.248.43
18.66.248.77
18.66.248.90
184.30.24.121
185.184.8.65
185.29.132.246
185.29.134.248
185.33.220.219
185.33.221.11
185.33.221.13
185.64.189.112
185.86.138.114
185.86.139.103
185.86.139.96
185.94.180.124
185.94.180.125
188.132.147.236
193.0.160.128
193.122.130.38
198.148.27.139
198.47.127.19
2.18.232.7
2.18.234.233
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
205.234.175.175
209.54.176.128
212.82.100.182
213.19.147.45
23.37.38.181
23.37.42.132
23.88.75.187
2600:1901:0:8eee::
2600:1f18:444a:4602:2c20:3113:5c28:1366
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6
2600:1f18:730:b120:5b38:df27:617f:9396
2600:9000:2057:1400:9:dc53:cc00:93a1
2600:9000:2057:7800:8:8845:1500:93a1
2600:9000:2057:ce00:1b:5138:8a40:93a1
2600:9000:21b3:1c00:3:f9b0:4040:93a1
2600:9000:2260:f200:f:4f64:8940:93a1
2600:9000:2315:2200:e:ec66:e40:93a1
2600:9000:2315:d600:4:b37b:9440:93a1
2600:9000:2315:e000:6:44e3:f8c0:93a1
2602:803:c004:200::140
2602:803:c004:200::152
2606:4700:10::ac43:db6
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:8b
2606:4700:3039::6815:c076
2606:4700::6810:5714
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:46::45
2a00:1288:80:800::7000
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9b
2a02:fa8:8806:20::2010
2a02:fa8:8806:20::2100
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::300
2a04:4e42::393
2a05:d018:24:b002:aede:f4e4:326c:edc4
2a05:d018:d29:3605:6948:8012:aae3:d8b9
2a0c:5c81:5139::2
3.120.83.159
3.125.210.171
3.125.70.222
3.126.16.11
3.133.252.109
3.210.209.200
3.217.216.1
3.95.140.237
34.107.148.139
34.120.133.55
34.194.30.250
34.196.251.150
34.243.100.214
34.248.122.81
34.254.143.3
34.98.64.218
34.98.67.61
35.157.38.3
35.158.0.26
35.167.45.107
35.171.60.144
35.186.193.173
35.186.253.211
35.201.71.192
35.201.81.244
35.227.238.208
35.227.248.159
35.241.45.217
35.244.174.68
35.71.131.137
37.157.2.236
37.157.2.239
37.157.2.247
37.157.6.246
46.105.202.126
46.249.52.248
47.252.78.131
5.178.65.246
5.178.65.253
51.158.29.12
51.178.20.139
51.75.146.160
51.89.9.253
52.16.162.42
52.16.214.41
52.17.105.123
52.214.119.250
52.215.102.174
52.28.92.225
52.30.140.199
52.31.13.93
52.49.5.47
52.5.181.6
52.86.121.102
52.94.222.140
54.174.249.39
54.210.154.62
54.236.81.149
54.36.109.46
54.76.172.32
54.87.192.123
62.149.0.72
62.209.227.211
63.250.56.23
63.250.60.65
63.33.178.28
64.202.112.63
65.9.61.117
65.9.61.80
65.9.62.183
66.155.71.149
66.155.71.25
67.202.105.23
69.169.86.38
69.173.144.165
70.42.32.191
72.251.241.204
72.251.244.140
72.251.249.13
72.251.249.14
72.251.249.9
75.2.13.80
76.223.111.18
79.137.68.187
8.39.36.141
85.114.159.93
87.98.228.78
89.163.159.108
89.187.169.47
92.122.254.129
96.46.183.20
99.86.3.116
99.86.3.74
99.86.3.83
99.86.3.91
00d1a0fdd85c93e4200880e286f39b23606bbbd933f1269943dfbc6ef68541e6
0281664dd2acfdc2e0a81413b2399b5c2118debc2d5c5cb78bbbc003f24f910d
02e0522791708d7ee78f6b51983bfaa8185d44401b513a6f8a4cef262673fad1
034cd31fad97b05dfdf2498f3e3cf0cfc9ff03294fcc90b740a1913ae9e4f1df
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f
04e8be4eda338e3130067f326b7d85d633d42da0ef11e4c80110fba169c63e92
04f1a422a3ef8cd2d3374810deb9c22c13bda8e127733ca0e0e4b1e6bee5b1a3
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
053f95942fe3a0a8de6b157941d29cbab8570f1fe21823d88e8b0e70ffc9e9af
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ef2a107f1ac93112d43685d67961d9cc311d0144d64c99caa67d7b58394d3b
082c0f76e5c8255c6792e5b7b88ed9805d6ff554c34fc67a71cbc8726d41c7fe
09dab65f1fb6da84d9fe34d4964bb097fb3e87e7a65af3509c140d0b324d90d5
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be74972c956ec687acd1dcba5a1b4f641652ce66df21a0a6564328faf6bdf9b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d33510e158e7f32fce17557bd233f60bb576e491f6a88825f5132315ac92deb
0d963562cad9b1ea21405fd711b619f393e3f3ed0acdf8bda1c6dc97029322d0
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e34387daeac6b996f830c4d294e898e8aa9e0655084ba1fde85c26a81342e0c
0ed257735e717fdac90039c93b9d58f260f53ed5157f7a749f4677634319ff63
102666ec0f0f9a85d101f1196a41fa003d6513dbc29e217dff7c19f3bec6b7c9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12569afdd652f18340e93e34bb43e3705c333777a1b8e5e4f2e47546fae6b7f6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
143c4855aed247302a3ae1b65fda486e67efa3b66418b6ccb2c0d2a85d2ab676
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
149d49fa9c559a6b0def7e9892dc9f07d79ab8ee0a41537b79db13cb74406997
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14f221202508ef0807061e3ca6c2f8cb0236adfae835bd2ab6c57ce30b235588
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
159d55d9c621050b6cd35ad2924947c786d63012c77066660c7e1cedaa4239fc
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
171ec5455c29848892e628ff73f4ef99efc29200608fcc247a87e037129ef211
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18e7a706767130203f76ae7ff26c20092c0d0ed6a294976825c2522499fb3a35
1b5612d4f3e7cbe78786d1a4ce15a5ac0c90fb5d3dd80dcd85653c8cc2a0ddab
1b618bee5daf4e8a14ef5aefa5c7e80ea96451fcd48884e8a615e4250a9d4ba8
1c0fa8a2e4f9839bafe1e9412603d6fb00c42bc47c9194a5fa7e034364084c6b
1c45d30453a6e1b912d06f041d3d4b4fcaf7c28681e05b2ef078fd0f9668b0c0
1ca76568cd03f07c2f49dc38a17c5ee1b9e76a6d80d9ab9f97b53e561bea8bff
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d360b6b8f3a149c37565fbda52006922bb7c85ce97d66b95707e9ac2c3245b5
1df02c22f8b34177c0d7e805fe3ee48bf1dc394d4e2f05172fc3aa6ac37d1d4b
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
216ebb79c108ef2e3b4e366b7f7f24d6526ae7e72b7230bfb236ca5a844a3c60
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2434f243928a504e6e2a063a52ad9384fea4404138ceb398be0d1ff6fce349e8
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25d485776d392aa8419cac261fa252195ded130261772e5447397b895344a545
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
280cdbb75a8cb2f070c7963d77702661ac86ec4ecede64b471e678a10cb18591
2830ac99b8ad892b0a427e65db7776edcf563f89af516a3c9a9dd2d613fe4f79
28a2355a76003134cddf94bb30440581d1682e7cf2058be0fea367243d34b102
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2906aa7f44a495b69aba6be117f6118157923203a5983ed20b52a70cdb54730c
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a30d597b887245f03e9b93c73beb736bb3ea5f96bd26b041540dfffa81246cb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c6745f8e5d7428106d7eb70e0c4e852d2bf45bf7d5f661673ef701abbfd68e3
2d872ff0d2ad9d34546ccd9e2576ee43ebc6e11342e8f9933b83c4fc1caf7dfa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f06f5bfcde21bbaf217a13b4f41ed17527fe580b4224570fe7066f4a79be425
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30223ef6d2d645bd208595a59b54d7baa71166a10fc9338aafa6d8562bbfe8b0
326275e8a960b49ff20fe376bc7851eed60751e4bc00979451c381d88ae14c4c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f03ed1996b687eb43bc4525b472d9af0347c06607243a0ded13392157ed9e7
341de0257c0425486be22cd1b730c6cbf704b86ae4780d6b6d4061d0364fffd1
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3469c6b1ad6c0c97b537b71354bf0a330e40215407afde07db13793a7d1a7071
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36d86cf56116d71d7ffa922793f0dfaf527e1d20fe6bb678f9cd8503267a504e
3737cf9f8496a4f555141da7069ba2bfd5b4c8db95d2f24d724413eaba228a4f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a297ae54a59f218f51ff15b708470dd6a25f0ea065541ab6962c1ad1b173232
3b1ed2523bbc2f9a6104ebfa1bc52bb036b8c29c4eba0bfc773bbfd374a07204
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d06577b0d7b88ab9683b3677d1436d31927658d0c75fa09844b01bf3585632b
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6
3d7b1d44ac767000edd3f6eacd4bef23b1e536d7d3f15a6d7c4969bf804d4e4f
3dcff22576afe55b8b9f2f2b9be42b5fe5b41e2c72b5f61c7441f84c64ed8815
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4027c861bf056eeeaebb88d79858e7b4ce06ad80751f70e8229df26b4c4b53fd
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
4299de902361fbe5021214a37e3478ca3a87d41429ba86dae64a0611be10bb0a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
439d78d8716a93192ba439c5baa59f63f97ed7f48027dbc861156674dff36777
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45746e9938150a5df1ca2555baabde94a50a05e86f911903923ebbda06d0328d
47cca8baf879070d282bd67a06c822b14d7d844ddd2e0d772fc393fc593fa645
483255e54e25ace47093a662d0d256a5d320a1ab2c5a3f881a352e06832e8410
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbff38497f030fd220c1b338d18b0ff2893bbfb33242a53db30594c126bbc83
4cc8b9da37155252aebed17a23fe8e12ceda380ae1a652e13acef29d4719d290
4cd2687f922c75f61bdc7f25d1d3e38b8f6dbf34f54fe4021fbf2a31f4a8fa88
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4ee1c48bb2cef23a1a1f47a7e72e28197790382d6301c4f9df95be9a7cd15982
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a0e3f796c26ee9bfafcbdab5de1c908b9d71c6e86faad36eaf2ad3b97b012c
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af
52ae89de9e85bbe5d5cdab996d82ebeb4d7c72260fe443f5c1a62401e7f4e4bd
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
545a7737afbc9bc7effa52aba3fc0e8b7ca4961b3fbe75db9b086aff8f734909
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5529076c7677c36a57b69e178fbc123f05d2df4c5190abf95e297835f2140224
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f2685630c35806582cd87305507f04fcd2875f8c3b1c3a259273a9e6f68c9c
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
58b09f121dec5d5455d3c2689b5941cbf96e2fd0e120457668d9904642295c67
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5960646341f6f6be7d2b19cae6a65b7f88d84645e43bb913cb029cdf3f2d623c
5aac7c411d0a6750ab5658ef82dab4977e2f802f615fa2265febc5df3929dd91
5b48009d1a7e2cd9f9ef91db264448702f403bea4881f09e78fd99a8b1e55247
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c96c1200380cebd1f06bab6766f28e58fa3c86ca2385b860945f7e0ef5c5db7
5daaaad01b359c56d12e335b48c219e6db2c29f3c20f4430545fa4df743920d2
5df945a902604ec4143b0149e5498328e26c8cd81993c8c6405a03ee629566d7
5fb143acb6c2530794155476810cebbd511a5b51399ae7ed92f77e6bf7d2cf55
612c7b01931bfac69a1f356162df1a71fa5140e516506e40483b5d1e6282eccc
615dd827b8cc758ad58f5ebb01905fecab155ce23da98f4754832830ff96e406
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fa877a2eb08848fc18f3934188a0d1d25dfd4fe1ce4465566a40d0a761c391
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
6333d39495e6e3b83223e6ed453ab41917b7350105f70c03e53d5e426a7104e7
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
64f9ef2d93334d89ffcde227c0d6028edb397752937f37f191f65141322f6a43
670c73de60001a48f76b9ac4be9cf44f8a43b22f2026a235a84126ef37d59c0f
670d69d07ddde86002ffaca162ff65caf9f30687ed7da76512cd4da8e489561c
6857c0a267718a1c41dd8fc036b1b68b043c6efea94aa121cddf8b0f4215e1e9
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6f9514a04947565ca6b84a1f07540cfc6263251aa97c1506f6dcbd1ec4e92d
6b707c80ceba8c694402994f9f55dc99ef7eea96dfbaa161b3039b6564ad3183
6c529e436f076bdd932736e1e7c90e229bff81b381de87eb8697f7222c0d841e
6c8f9e5018186e979457e0284b0a52c7a3840f8516c653946aa0c532a217ea8d
6ccff7868187cbeceeb917436f5253e4166cbc710309755f3ef9af48a6f7f0d9
6e7dddcfaf1e2f12641d9e92218c629fc538c69ffaeb67560294410b80f4d5d7
6f111f3099edaf5fe2a03405f547d407d6e9a0fc1fe55e94df90308679e15bab
6fba324acdc914e76c2fcf8de211bc315dca79754b83a66c14ddc7b8e56eb777
71113cae5401c6dd8ca0cd3f809fefe0817a92888884727194df6207ea4e192b
715c92bfb32c51bd83cae45ba58e4970fffcc4f719638859c9e51ff5be4597b3
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
72ac9f97e538634bed3e8dbabbeecdc6fda12e5a62b74b0887cc046a58c13db1
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7383a0e8f344704002797c756d99471f2f51cc4604e05605ed2778cac4ff6662
74f4633cec15bcab11bcff4d8d37bb1616e328468d7e6f51aaee3f36e1c55871
7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
783e94e9ca1a677ce7676bd1f5fd232450198ed478fd8cf61cc5e22808268d5b
797febacd5d5fc92dc206cb25153ef066dbbd8e4c112ae1ab79f63704d3f354b
79c14dd0dce9b3bdf9d009aba5bce0d53b5ae24d2b557e03cc4c4cca811143dd
79f2f9f9d5a6f81f04c92d0eb625c832d0d70f3efc41db1bdc9906f717f340f3
7abc5baec38b9c571ddd5a8760e315c239b90bc2cf0c492f3c562113ea6d8213
7b89f9cb314d6d0cc04c579eb9d81d7d8c345754daa9f41df611b80edcad839a
7b8d5695e597a10a80e83b037006cc2e79b618f60e82b40ed52688b49d007ced
7debeded2ce4396d68b238ac794f72190b46da88f73bc09110809da5ce42113c
7e65aca503c430f8f52e7dca8e3f39f6d401f46bc0a0e1d7df748e1a7d7b63b7
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fb8cdcfbaad3f0e4a263753a3225f8d0f62f5c4bbc0a789606e99bd2ea74a68
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805df0b51ae7dee7dd6651977d06de22943aae520cd34cedae993580a72e701e
82b52216a0aaa00f8d9b0724b4c6d9a63b503a80ec5c690e8ee3903efcf92a8f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833b213d8617c9c05a79164da75798ae2a75dae69084072e5b0b3997a96c2625
83fbc6a42565281b05bdebfa658350be29d5a028f960f7fa7e3d93688391fd4a
844d16730113c50876b1ea84b4ba3a56a4c0f115d04b8a25da0d558f1d799b00
84a277c19f5476bf0e06a1e971d1ad535b0570e1a6875a8674c19ce2b626abcc
84bd70f6da705a72a7d500523919032c24c42fe231841f24c54934f4322a7774
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b3c4b288e5bc08199fcae000013c8326b5f34bd3bd1e6ee1353d212669f7a8
86b832d6b9815ee590e24499d7a40bdef98b5cc4caef5c1bd6a11b61369be071
88bc349ec115285c3c89adb1b097518bc66c09abf2d0b0d05b67ec777644f94f
88e1c87aa59866b55eba6998e6c504a290c416d513789b4fe1ec41b0309759c4
89f70970ad370a059a455ab6629d9f5250651d904deb142e552439cfd9e87372
89f76ae03f66a1bedfc47192fabc3edd22478b0ba026e644efb91fd9f15e8ac4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a728b85fa0266dd77fa39b1d54e70ddbf8df97af43a9526cd642e728293a0bf
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8b18eec0228b4cd0118e2fd1b53b3d69b1aba4c5e11fcf5643d67ab9e263e049
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8bc6e3ec29730280143d82eb1a0c823f9e94fd551e630e6fa5570947f04aca5d
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cf7a2f0cea0aa064b6f4a29423e0a4f25ff2da874f29b44bf381a0009e898a2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32fc6573e7ec7f058e38f1c8361386af626d6bcb7c1da03012d6cb74ce10a2
8eba88c55c05856fec5e75324fd15924e60a72891048750dc0bec8336b8dfb9f
8f5a17aec821167327706343c62b3a2935f407f62494dcebcbbf9bcff0bdf884
9077945f299e3c85700a9cf2ca08c49af69875115a81be6486692c523dd96ace
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
961bbe2091344e671fdc5ccfb9d23892141ec5efec6dbff56419a37f2c2fbb1b
96409880e108e121cd844d02e12cfbfc6efee61acaf8a00eff02e45dde269504
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9a27a91735c20cede858792e56fd102b737121e9bcf3f8828a474bd29b04a4b3
9a2b5e32eb839728aa4c27c928a655e96c0b7db4c0e5ad3c8ae308e05539b914
9a7f7771cfb350d8c0557875b7e45ec78cd0827afddabc82cacd3e4f8b1aca3e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c91aff2b4ea9b11d37f561e6a741512edbe7cfe1a9b537f9d9b9d803d7e80ac
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64
9d8136095fa1dfbdb9c5465f58f704e70ef92f05a49177c027d4a66dfcc777ca
9ee7d9f8e5d3c6dfa344ba2cd352da17acf8f5c6a8065349b094caf6a2a0ccfe
9fc69b0df424d43d28b62ac6904967ed2b0d3e6c04ef66238bacbb562d251169
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c177e16bd4f72ed17c16b45eac82b8a338733375c4b3c2bdbb0c3486205da0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1081f473105753a8d3a3d06f0606514c348607eefae06f2f55f9347b1763c23
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20ccaf6978bd71c43456b6bc78288abdc57c3b6fa987eecb2e9f59b69d384e1
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c81c90626a7f0f427002be5c3bbd9233dfeeb7441eb8674febaf21f2f69056
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a349c41ab949b2ec3028f59bf28f4ff0098d99546bfe2941fc28e2992a87c279
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6175d081940061cb96a2e8c9c90887b6f603361fe584bb053761581a36cb908
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77e0ff4eb45ac555c20ef0d56213e3417d3f0642f300c88839c3a7609064bc1
a7f280832ae37c5f6049dd75734e4e59a802fd225ffbec70ea5468ff6c741828
a86a432bad49d7b506b4887e3e636f3fa54f1c931bbba5934c12a0bb0eefd7e2
a97c949b91025f6f2c723bbfc1661341be9100bfac33add8864933d1f07b8720
aa92a134dce4454af641fa19c84e0a859bd16038b7d749ac7390917910dbb02a
ab281418008d9a4af09efecb9f6b5c2c2df84b6f5e587416340c8786fcf00631
ab303d1dab9b02c6272f6f1905ffa0053b0cc0b5b8fbf5a5c7e0bc604dadaf35
ab43e071181b69985be18d009ef96cbdd91ebf49700fa2bf6c3cfb88b9022b9d
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abc1f727b9aaf62bf0ee9a51212b74f860b4e543d05de50c9dd4ad9161b132c0
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ace5c7a57a33a8c21d81ff1ab27c6e2fb71d14c98f007bc9e990880063a32b42
af79908a73e251f3cb4f4d45f99cb192f0377d2c2a0f3383aab2900969758f9c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
b3d9a4029aaf3a514d93a0850c6e5e3408e56500a604ffc2e1550771d25532cc
b47488c0a347cc3602f42d80d5b00fa6cde4f8d4873766007c6ef8214ebd7c90
b59a5b5f1e702264a5e0cda6f998b5e6d56793352561032b2b365a2f12448991
b618224a84acc4ff1b913b24cd085da2b06a436e109a8d813beaab67fb638490
b665ec282934ddbcdeac35ef0629e1da06b03da3c2e78f6eca226b9be6cc5e7a
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b9459505240d1a718ed0d6e8596702099401ae62a9e8119b24931c4dea4a007a
b9c533818be16cb1f1365acc02a339e1b9ec299ac2607fd0a41ca543d9757612
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bd19376ba416f42cce055b7ceed17fbfc1455af1d172a3d67fea16f0ca83662d
bdb4c005117d952872d082607e8a6f71bd2109437742b113444dcf001137aa74
bdd3aa348169c918141603e6348678ba28f13cf198b9efb700a3ae12966ad4ea
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bfe7dd06e0bf0c3b6539f6a8b10aad78e47d578aa23cf5e501d36738251975da
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1e52df26e73aa91fd670f57a4f3d92f4cf3496121f6b124fd0378ff467e6db9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c39fc22b2eec8f6b29c93a6dc10dd654b4b692c3d60dd8b1c7a4791b978dc6c3
c4684b8f00fdd0715b78742569b257119ab7ee61e586a3614047f62dd3d022fe
c4d3bb7501412910640b50392cc9e51316f91509b99cd5fb124d1363546191d2
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c62ac5deea8eff7f42ba627a30a69fe7e1f8466dbb66863f8e8c44b47c0ee237
c88e2aa47b30bbfffe75bc24816cd4204dd816d57774c4d7b24c7e2766ba8d1c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb4d9efe6581c1eaa8e47ef3040565679cafa05bb4dcdc77c5f722534f13a54e
cba6a362646827ae42524a32bb5ec8ad26558f7f445bc3bf89f2dc633a6c3e22
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd2002cdf21b9a1c068b3b6f24ece6d21d00ecdf3b14de9b37372425e8045e90
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
ce31d5b4fc6d2c8f1279c4111065f5dbb52a4c665580b0fbaa1fe56cccbe8166
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb8a652505e0ea33c036c7dfcf7c16f1905f27b9f548efb5d3733d4b462c437
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d3e8e8d88c917fd57be612b6d862cb3b451ce13a2da4b5d9ef1b905952d4d0b6
d3f263b0cac5e90d6334c9976df1230f104be4af478a842642e2ae65b5b83af5
d577257aee17f276c14925a8ad6bc548c586bfb77941e04cec1b12d3f22179f4
d66c9dfae2d4713302d60bb7efa34585025a2d8ba49d8d0846e9845b90b98dc5
d73812c5e6468371142d84ccf448c411fb54c6d58e791b850596143f7ca08c8e
d8282b7bc93322de54a9c12fdd3ba6a6e4c6b42002cb0793d23da157727b5d45
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a6cc51fa8f524e3aee0e966195f6e480d398c53279ad0d715980a4479e261f
da1ffe514f13fe03ed9b555555034726da5e7a6500ae9b6937f8dc1c918d5f12
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da5035453125b0f4503e87f5740cc86b2e303b5637b83a772538eae03b5d7d70
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daedc1f714eb1ee23ef916c5fc881f1acbf1cd85b053bc6751aab55f5059334e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd63cda5f47c82a71fba7f87683696309fdb03e1ce9674903936196fbdf9f753
ddc8f8e58267836547aa862b247b73eb00209cf0835cfb7a1289de0632a182a6
dffc58677d08f09888a9c5369fec7cf723aa552eaf09ff929eff1ba518726114
e07f63e1e0f319988b42292430dc5183adf8e3d9ed17b2ec8a32b2d564d9ab31
e0ba30b19b1d4bdca5c216a69596700dae44b9674a447f6ffe788bea57db9405
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201
e1344ea2156a6b0b09a4913347837e591318113b94c14b0651aa92a4cd97b62c
e1bd70b95d0e96f0203bfbc85842db3c5d296dfdf430756a7f32c5057750649c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3a1f5100b5cbf4107962b2d555192b2758ba08ba2338a53c36ab8cc63b817bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f790071fb900cd1064b7f24e165f20a479b7482a502af24b6a9a884bce1f77
e421a015c184f4f39b937dad972c00ca2c6a2f245a99d2bfb82316030801b504
e43093c06c8f9c7b919924e29e95936ea776f462adf4c1a7bb8b8714f3907d21
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
e60ee726a501447378452996ab2396605f8275aecdf2ea5a0b1c74aca18b6b25
e70bbd7295f985d05265a416b064f3e9a852b2d1662ec39f7c3d032ee0c86b6f
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e877b423181eec5220876224daff0a9a5b521976e91a2f6f2a783526e880011f
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
eadbfa820edd4f6c4325ebc1ce880bef10f1ecbb8a64c68eef9e0b03920c4e2d
ec05e1e672ef8972429bb6d6745a1ac3ce2ff8770839fd725b52c3a83e92663f
ecd1433351d9647552201958903338ac6217699d8e141bcb4d78d4366c7b3725
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
eea17bbcff3ed99bceb977dbcc12b974c92efb9d41638146418bd2a34c63dfed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1d75414c2e9af222ce08c2c760d1780d78874f0ed62ec3bd740831e542446c
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f01fab299ee1d80bc609045b12747430985784847d8346a86d2fb6f911e23ffa
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f1cf4b797c01e51e3cbdc81cdc65bc53153eef575f765c5650a5459b9e93ffdc
f22422b96d98e94ac3d3243d25ce61ec7e238943f8a1981d6a25ef8f0e2a12a8
f35461db2c17aa2f5e97ded737d1a4003d0ce7445777967353401ae081953b33
f413d5ba96b3d7333f3066cbcdfbc93eb6d1977365f75a4b351e172fa6e0c6d2
f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a
f4bb6021b6843cc2fd676a37fa9d7c25b5eb244dc1245d0f984cf4a24d02f4f7
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f7c8f2079299c76d7aef168d979ac8e915d3a462ee4869a8f7d03f9a9dc9a83b
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe13729cf3ce297369e5e3c7a943a337dea29003339d9ce57d3bb814be550046
feacee48617c539fb99a9ba3a3676b683c015a2e102762caa970ce44a398e072
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4